caee215120
Always remember me
...
Fixes #8004
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-06 15:44:28 +02:00
30e76f9f14
Add footer to public page template
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 12:22:01 +02:00
bbeb3402b6
Move styling and menu handling to publicpage.js
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 12:21:39 +02:00
990ca145d7
Remove "Alternative logins" title on login page
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-14 11:38:57 +01:00
83873e3da1
Remove deprecated URL functions for OCP\Util
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-13 22:04:08 +01:00
1046fb5111
Update login.php
...
Fixed grammar issue.
Reported at Transifex. See https://www.transifex.com/nextcloud/nextcloud/translate/#af/$/124614533?issue=yes
2018-03-08 20:08:11 +01:00
d9bd6f3253
Fixed public template
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-03-07 11:05:23 +01:00
15a3caedc0
Create special option to toggle header menu container
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-03-04 14:12:29 +01:00
fd830b90eb
Fix acceptance test for new menu structure
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
faeb277ece
Fix popovermenu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
d07d66e24b
Add public template
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
74325f1f94
Use array in t() calls in exception template
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-23 11:18:29 +01:00
cacfe3a360
Fix more templates
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-21 20:30:44 +01:00
be42df8e48
Referrer fix (no-referrer)
...
Blocking referrer information should be done with "no-referrer" and not "never". See
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
Signed-off-by: Ralph Slooten <axllent@gmail.com>
2018-02-08 08:31:24 +13:00
a661f043e1
Remove unneeded semicolon and parentheses
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 23:46:40 +01:00
a607d737c6
Fix wording
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-15 21:44:03 +01:00
7cab7feb38
Display message when connection is throttled on logi page
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-15 21:43:09 +01:00
a82c8f58cc
made small changes to login screen
...
added height back 70px back to footer and removed .htaccess file
Signed-off-by: Robert R Pirritano <rpirritano@gmail.com>
2018-01-11 12:37:47 +01:00
927626cbaa
Fix appmenu svg double invert
...
This fixes a regression caused by 9b668d0
2018-01-10 09:11:32 +01:00
63b4d7e183
Remove css invert since we are using svg filters for now
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-01-03 14:42:08 +01:00
8a226811dc
Invert app icons on IE11 as well
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-01-03 14:42:07 +01:00
f5f6ed664d
Hide stay logged in checkbox when flow authentication is used
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-12-28 11:15:26 +01:00
21fbcba68d
Removed unwanted and unused spacer
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-12-12 16:45:56 +01:00
369069687f
Adjust style of new password form to default
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-16 21:18:15 +01:00
381967f35e
Merge pull request #7013 from nextcloud/forgot-password
...
Directly show "Forgot password?" link, fix #6808
2017-11-14 15:32:27 +01:00
8c915baa34
Merge pull request #6788 from staabm/master
...
Prevent XSS in links which open a new browser window
2017-11-08 18:55:35 +01:00
cd1bfea8c4
Theming: theme flow redirection page
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-11-08 14:56:32 +01:00
8fea22314c
Fix template order and animation
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-11-05 18:14:52 +01:00
494dea2c60
Fix variable name
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-11-03 15:17:24 +01:00
585e9f9fcd
Add some JS to hide and show elements for password reset
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-11-02 12:04:35 +01:00
aca29b0c88
Directly show Forgot password link, fix #6808
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-11-02 12:03:31 +01:00
f2d4c64c9a
Translate Grant Access
...
Fixes #7038
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-01 15:50:34 +01:00
db34b59238
Prevent XSS in links which open a new browser window
2017-10-19 12:16:04 +02:00
060eac40d8
Merge pull request #6700 from nextcloud/accessibility-fixes
...
Accessibility fixes
2017-10-04 16:09:29 +02:00
4e484fc217
Update enable javascript link to https
2017-10-02 15:37:58 +01:00
2cd467f3f0
Remove unneeded tabindex, add keyboard focus feedback for app list
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-09-29 20:01:15 +02:00
d3ae77590a
Merge legacy app title h1 into Nextcloud h1, ref #5822
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-09-29 19:31:05 +02:00
9fb37a2990
Add proper labels to various form elements and buttons
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-09-29 19:25:32 +02:00
753c6fd07b
Add alt text to app icons in header
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-09-29 18:14:39 +02:00
699c64c750
Add manifest.json to the login page
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:23:13 +02:00
d6adc240c4
Spelling: Shortening and single please.
2017-08-29 16:10:54 +02:00
7d8b7d4e4e
Merge pull request #4925 from nextcloud/error-styling
...
Improve design and wording of various error messages
2017-08-29 12:03:16 +02:00
a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
...
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5nextcloud/user_saml#112 ,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
44c6745159
Remove quotes around device name
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-14 11:48:56 +02:00
bd43758118
Highlight client identifier in auth grant page
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-14 10:42:19 +02:00
ebdfcb1fe3
Add heading to account access page
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-08-12 19:29:49 +02:00
faea9cb294
Shorten text of untrusted domain error
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-08-12 19:01:42 +02:00
83b0191017
fix design of the track trace
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-12 18:48:48 +02:00
9f67fb86c8
Improve design of various error messages
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-08-12 18:48:48 +02:00
d7645ee928
Merge pull request #5972 from nextcloud/replace-loading-icon-gif-with-pure-css-in-login-button
...
Replace loading icon GIF with pure CSS in login button
2017-08-08 14:40:35 +02:00
b237379fa1
Replace loading icon GIF with pure CSS loading icon
...
The pure CSS loading icon uses an ::after pseudo-element, and thus it
can only be used on container elements; the input element is not a
container element, so when the class "icon-loading-small" is set on an
input element it falls back to a loading icon GIF.
This commit modifies the markup of the login button to add a div element
that holds the confirm icon and the loading icon (depending on the
case). In order to position the icon in the same place as before the
input and the icon are both wrapped by another div making possible to
set the absolute position of the icon relative to the input.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-08-03 21:09:43 +02:00
9abbd6ab13
Revert "Proof of concept #5593 - inline SVG icon for icon-contacts"
2017-08-03 17:27:24 +02:00
585e5c6ea5
Logo claim is not used anymore
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-02 23:08:45 +02:00
c658862052
Replace `include` with `file_get_contents`
...
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-08-02 18:27:24 +02:00
ffcdc96a0b
Proof of concept #5593 - inline SVG icon for icon-contacts
...
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-08-02 18:27:24 +02:00
6ca4b9eee9
Merge pull request #5920 from nextcloud/gallery-share-view-fix
...
Top bar buttons in share view are wrong positioned
2017-08-02 16:59:24 +02:00
086ce709f7
Fixes nextcloud/gallery#269
...
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-07-28 14:44:29 +02:00
0de90cfc67
Fix 403 and 404 redirect
...
* Nextcloud is not properly loaded in the standalone version (especially the theming)
* it is already not listed anymore in the Nginx config (see nextcloud/documentation#392 )
* the index.php-free version doesn't support this
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 16:30:09 +02:00
5d5b1285ec
Merge pull request #5520 from nextcloud/disable-click-on-hint
...
[Small] Hint should not be clickable
2017-07-05 16:19:09 +02:00
3470d0a44e
Simplified Nextcloud logo icon
...
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-07-02 14:14:49 +02:00
5389ffca86
Hint should not be clickable
...
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-06-23 09:18:20 -01:00
8eb955d5c6
Merge pull request #4993 from michaelletzgus/emit_css-tags
...
Emit css tags
2017-06-14 11:29:25 -05:00
0f83cdc78e
Use the guest.css for the maintenance page as well
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-13 16:43:25 -05:00
0d320fba4b
Streamline templates, more DRY
...
Use Unified function to emit <link> tags for css loading, obey "Don't Repeat Yourself" ;-)
(Next step might by to combine this with the emit <script> function (even more DRY?) AND move all this to a better place?)
Signed-off-by: Michael Letzgus <michaelletzgus@users.noreply.github.com>
2017-05-25 11:13:43 +02:00
0dae4946cf
Merge pull request #4854 from michaelletzgus/deferred-script-loading-v2
...
Make page loading faster, deferred script loading, now switchable:
2017-05-20 16:53:30 -05:00
fb9f13d4c1
Make page loading faster by deferred script loading:
...
* Create generalized function for emmitting <script defer src=""> tags to templates
* Remove type attribute from inline_js
* Add defer attribute to external <script> tags
Signed-off-by: Michael Letzgus <michaelletzgus@users.noreply.github.com>
2017-05-20 13:44:04 +02:00
3775b14c4c
remove 'Alternative login using app token' in case of oauth login
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:05 +02:00
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
3fa604cc5e
Allow to enforce update via web UI
...
* adds a disclaimer that an update via web UI is on own risk
* allows to skip the warning
* fixes #4353
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-11 10:22:44 -05:00
abe4a19cbc
Properly decide on actual users if instance is too big
...
* state the reason why NC thinks it is a big instance
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-10 22:32:42 -05:00
26f7a3b462
Check if Nextcloud is installed
...
Fixes https://github.com/nextcloud/server/issues/4735
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-08 15:10:53 +02:00
fecf72fb70
Merge pull request #4632 from nextcloud/login-logo-ratio
...
show non landscape logos bigger on the login page
2017-05-08 12:11:15 +02:00
c50b7addc7
smaller max logo sizes and cleaner code
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-02 13:01:11 -03:00
fa52f906e3
show non landscape icons bigger on the login page
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-01 19:05:21 +02:00
7015eb9fe5
Prevent flashing of apps and user menu
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-29 13:34:44 +02:00
241e397326
Merge branch 'master' into contactsmenu
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
d091793ceb
Contacts menu
...
* load list of contacts from the server
* show last message of each contact
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
61af3f41f0
Fix auth flow background color and redirect view layout
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-25 20:18:49 +02:00
05e1092c44
Correctly case the stateToken
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
6a16df7288
Add new auth flow
...
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:
1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.
If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)
If the user chooses to use the regular login the following happens:
1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.
This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
7548825743
Responsive app menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:24 +02:00
1f962f9115
Update email template for lost password email
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 15:19:53 -05:00
8fa5141aaa
Removes unused code for link share emails
...
* now handled by sharebymail app
* see https://github.com/nextcloud/server/pull/657
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 17:32:48 -05:00
afb5d45705
Merge pull request #4256 from nextcloud/theming
...
Move OC_Defaults to OCP\Defaults
2017-04-11 14:39:46 +02:00
5ca5ebe584
Merge pull request #2618 from nextcloud/2fa-challenge-text
...
Move log out and backup codes link into 2fa box for better readability
2017-04-11 11:41:55 +02:00
5b4adf66e5
Move OC_Defaults to OCP\Defaults
...
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
9a75714c22
rename confusing getMailHeaderColor to getColorPrimary, ref #3491
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-29 18:23:23 +02:00
a88edce54f
Merge pull request #4130 from nextcloud/replace-useless-print-unescaped-with-p
...
Replace unecessary unescaped prints with print
2017-03-29 10:02:10 +02:00
19d3133ccf
Web app manifest
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-28 18:39:57 -06:00
99675b46e9
Replace unecessary unescaped prints with print
...
There's no need to have those unescaped from what I can see.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-29 00:43:44 +02:00
1ae56b054b
Moving the inline js before the CSS
...
This allows browsers to do smarted parallel downloads
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-28 22:02:22 +02:00
ea517b489f
use theming colors for favicon on macOS
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-27 15:45:56 +02:00
12c5c336ad
Merge pull request #4077 from nextcloud/better-navigation-management
...
Register the app management in the normal way
2017-03-26 15:48:19 -06:00
054e161eb5
Manage the right side menu via the navigation manager as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-26 19:40:41 +02:00
ec330c7ac4
Register the app management in the normal way
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-26 19:08:51 +02:00
2048e3e201
replace name in top right with icon for less noise
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-26 18:15:34 +02:00
6a4fde11e6
Merge login JS
...
Removes 2 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 21:18:24 +01:00
29039eb608
Merge pull request #3951 from nextcloud/menu-firefox-fixes
...
Fix new app menu on firefox
2017-03-20 13:15:43 +01:00
376e6f0884
Merge pull request #3915 from michaelletzgus/html5-fix_autocapitalize
...
Fix value of attribute "autocapitalize"
2017-03-20 13:13:32 +01:00
c994e7afcd
Fix filter for app icons on firefox
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-03-20 08:27:11 +01:00
0b6ff1706f
Fix duplicate id "apps-management"
...
Make duplicate id "apps-management" a class since IDs must be unique:
https://www.w3.org/TR/2011/WD-html5-20110525/elements.html#the-id-attribute
https://api.jquery.com/id-selector/
Signed-off-by: Michael Letzgus <michaelletzgus@users.noreply.github.com>
2017-03-19 12:36:29 +01:00
98187bf942
Fix value of attribute "autocapitalize"
...
Change <input> attribute "autocapitalize" from value "off" to "none" regarding to apples dev guide:
https://developer.apple.com/library/content/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/Attributes.html#//apple_ref/doc/uid/TP40008058-autocapitalize
Signed-off-by: Michael Letzgus <michaelletzgus@users.noreply.github.com>
2017-03-18 16:06:57 +01:00
b8ef616455
Fix html formating issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
780400302c
Rebuild menu to keep order of icons correct
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
1d6fba03f4
Make enabling/disabling apps work with the new menu
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
7eae6690ad
Make app management icon act like a normal app icon
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
61dc78e6dc
Fix menu issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
a630e4629f
Generate seperate menu list for header bar
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
42feab59d5
Show app icons in the header
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
b15c11b93b
Use button instead of simple links
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-03-06 11:00:58 +01:00
511df0ec99
Move log out and back codes link into 2fa box for better readability
...
Fixes https://github.com/nextcloud/server/issues/2538
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-03-06 10:48:26 +01:00
200a28255e
Always enable avatars
...
* we introduced this setting in the begining because our
avatar support caused some performance issues, but we
fixed them and should only provide one way how Nextcloud
looks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 17:53:33 -06:00
f1c4f4c020
Rename database password toggle
...
* otherwise submitting the form with the password show will be overwritten
* see 2c9d7eeb76/core/Controller/SetupController.php (L59)fixes #3381
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-07 16:59:12 -06:00
5bad417e57
Merge pull request #2044 from nextcloud/login-credential-store
...
Login credential store
2017-01-30 19:30:04 -06:00
d0e88e328c
Add clear search button
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-25 09:15:37 +01:00
7c824a6177
fix scss
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-23 09:03:05 +01:00
202509251c
Use flexbox for header and rearrange some elements
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-23 09:03:03 +01:00
140555b786
always allow remembered login
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
e077e01bf2
Add a TwoFactorException
...
A Two Factor third party App may throw a TwoFactorException()
with a more detailed error message in case the authentication fails.
The 2FA Controller will then display the message of this Exception
to the user.
Working on #26593
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-01-11 11:01:52 +01:00
3dc562bb7a
Fix #24219 : Added hint for specifying a port. ( #26860 )
...
* Added hint for specifying a port.
* Minor changes.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-22 15:55:09 +01:00
eed0eaeb86
Use a form so firefox doesn't try to save the space as a password
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-19 12:43:31 +01:00
924358ef96
Save the timezone on login again
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-08 10:45:24 +01:00
224c89c1b8
Remove leftovers from #1929
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-30 01:07:00 +01:00
6aa79cacfd
Fix mail header logo [ fixes #1326 ]
...
Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-11-30 01:06:47 +01:00
e75dede590
fix some outdated naming
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-11-24 16:05:05 +01:00
56881433c0
show installation spinner correctly, fix #2129
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-11-22 15:58:00 +01:00
80abb69b60
Show a little explanation above the input field
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
05df523395
Empty the password field on submission of the form
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
d75e35b75e
Introduce the UI for password confirmation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
740659a04c
Move away from OC_L10N
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
6dbe417c51
Inlince oc.js if possible!
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-25 22:03:18 +02:00
89574367bc
Merge pull request #1871 from nextcloud/use-csp-nonces
...
Use CSP nonces
2016-10-25 14:46:00 +02:00
38b3ac8213
Add ContentSecurityPolicyNonceManager
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
7427fb170f
show empty folder message in filepicker
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-21 16:35:55 +02:00
14f78369d7
Use a table for the filepicker list and add size column
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-19 14:18:21 +02:00
cf5d30387b
Merge pull request #1641 from nextcloud/log-in-button
...
bring back dedicated log in button to make log in more usable
2016-10-17 18:28:27 +02:00
aa4eaf3a7e
finish up layout of log in page, postpone forgot password link for later
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-10-17 14:28:49 +02:00
6d43942125
filepicker styling
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-14 17:36:08 +02:00
ee231759e5
update styles of log in
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-10-11 13:58:10 +02:00
b8030e6d02
Use name from theming
2016-10-07 09:44:42 +02:00
19485e3ec9
Set proper web title for apple
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-06 20:57:32 +02:00
75ec1541e4
fix log in button layout
2016-10-06 19:08:32 +02:00
3141680feb
bring back dedicated log in button to make log in more usable
2016-10-06 16:48:10 +02:00
7c0951244a
Deprecate getEditionString()
2016-09-06 16:05:28 +02:00
06fa486706
Merge pull request #1158 from nextcloud/cache_avatars
...
Cache avatars
2016-09-05 15:08:43 +02:00
8acb734854
add 2fa backup codes app
...
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00
56862e3fdc
Add attribute “tabindex” to login form ( fixes #1110 )
2016-08-31 21:58:10 +02:00
14136295b7
Cache avatars properly
...
* Set proper caching headers for avatars (15 minutes)
* For our own avatar use some extra logic to invalidate when we update
2016-08-30 09:00:16 +02:00
b580c3664d
Merge pull request #1093 from nextcloud/mail-fontstack
...
use proper font stack for email
2016-08-28 10:30:50 +02:00
78bb02d27a
list 2FA providers as buttons
2016-08-27 12:27:05 +02:00
4a91673154
use centered h2 for 2FA page headers
2016-08-27 11:33:15 +02:00
c93c5d142e
fix 2fa challenge page wording
2016-08-27 11:12:12 +02:00
dc57b89f37
reorder 2fa challenge HTML
2016-08-27 11:12:12 +02:00
042c744ac6
use proper font stack for email
2016-08-26 22:59:24 +02:00
8a6b5a1d86
Remove uninterpreted PHP
...
This is in an HTML file. The PHP won't be executed 🙈
2016-08-19 14:24:26 +02:00
fb183f8143
Add cachebuster to right navigation
2016-08-18 12:36:14 +02:00
3c7d2544b9
Add cache buster to left menu bar
2016-08-18 12:34:55 +02:00
bded787d0c
Empty tags are not allowed for image and feColorMatrix in IE11 and below
2016-08-17 15:59:30 +02:00
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
835dc59d6a
reduce info on update screens, introduce button to refresh
2016-08-04 12:48:25 +02:00
2f9725469d
switch nested containers in update to semibold style
2016-08-03 18:58:44 +02:00
d97fe1775a
Shake the login fields if password is wrong
2016-08-01 21:42:29 +02:00
9f50838cff
Fix wrong preserveAspectRatio at app menu icons
2016-07-29 23:06:26 +02:00
f55ba62a00
Move to svg filter on app menu to support IE9+
2016-07-28 22:33:17 +02:00
387550be88
Theming: Implement swapping the foreground color for bright colors
2016-07-15 14:16:41 +02:00
ba16fd0d33
Merge branch 'master' into sync-master
2016-07-07 11:29:46 +02:00
c47833718f
remove svg classes
2016-07-01 16:36:37 +02:00
6670d37658
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-06-27 18:23:00 +02:00
e5d8726859
remove ie8+9 support
2016-06-23 12:34:53 +02:00
64a9f9d77b
singleuser.user.php -> nextcloud
...
Changed to nextcloud
2016-06-22 07:48:36 +02:00
3720bae3ec
fix setup page strengthify
...
* fixes #105
2016-06-15 15:27:30 +02:00
a636e4ff28
Downstream 2016-06-09
...
Merge branch 'master' of https://github.com/owncloud/core into downstream-160609
2016-06-09 18:45:12 +02:00
51fd2602a7
Revert "Downstream 2016-06-08"
2016-06-09 17:41:57 +02:00
7f88645eab
Allow to cancel 2FA after login
2016-06-09 14:00:02 +02:00
81145ee57c
THIS IS NEXTCLOUD! adjusting the design
2016-06-08 17:02:18 +02:00
3e3b326c85
Allow to cancel 2FA after login
2016-06-07 18:17:29 +02:00
5e71d23ded
remember redirect_url when solving the 2FA challenge
2016-06-01 14:43:47 +02:00
5c063cf7c9
Allow opening the password reset link in a new window when its a URL
2016-05-24 09:23:25 +02:00
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
60bafcda73
Fix #24655
2016-05-17 20:43:02 +02:00
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
7aca13f14c
Allow login by email address
2016-05-02 14:51:01 +02:00
739dfb5c66
Suggest cli based updater in case the instance is bigger - #23913
2016-04-18 17:09:21 +02:00
fee95084ae
Rename `username` to `loginName`
...
UID and login name are two different things.
2016-04-15 19:02:19 +02:00
331e4efacb
Move login form into controller
...
First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.
2016-04-15 17:36:23 +02:00
fdee771aca
Add unit testing capabilities for templates ( #23708 )
...
Add unit testing capabilities for templates
2016-04-12 12:49:11 +02:00
22898fa107
Use proper shortcut methods in templates
2016-04-06 10:25:04 +02:00
1f7e02e4d4
Add detailed logs hidden and show them on request
2016-04-04 12:34:18 +02:00
1bf4c75e8b
Show individual sql schema migration steps during upgrade - on web as well as on the command line
2016-04-04 12:34:18 +02:00
62a5952a72
core: Fix typos (found by codespell)
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-04-04 10:57:17 +02:00
0393e80c7c
Merge pull request #16857 from owncloud/printStylesheets
...
Support for print stylesheets
2016-03-31 22:13:44 +02:00
6ad957906e
Consistently use rel=noreferrer
...
When linking to external entities we should consistently use rel=noreferrer
2016-03-20 15:27:20 +01:00
7a45f05ed5
Stupid clients only literally understand rel="icon"
...
rel="shortcut icon" hasn’t been relevant in years, isn’t in any
standards, and causes problems for simple pattern matching clients.
https://www.w3.org/TR/html/links.html#linkTypes
2016-03-08 21:09:34 +01:00
06b2f11e57
refactoring code
2016-02-10 15:28:14 +01:00
e7859f705c
Remember previous state of remember login checkbox
...
fixes #22205
2016-02-10 12:37:38 +01:00
abc675d87e
Move update notification code into app
...
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.
Furthermore also makes some more code unit-testable...
2016-02-09 18:05:51 +01:00
3b581b051f
Expose display name in JS side
...
Adds a new method `OC.getCurrentUser` to get both the user id and
display name Could be used for a future Js
2016-02-02 18:01:15 +01:00
75e6734ef4
Remove OC_Helper::imagePath and use the proper public interface
2016-01-24 18:04:20 +01:00
d6a63016ae
move lost controller to core/controller
...
* lostpassword.css is unneeded since #11696 is merged - 1b50d4f7ce
2016-01-20 10:42:19 +01:00
Roeland Jago Douma
Julius Härtl
Morris Jobke
rakekniven
John Molakvoæ (skjnldsv)
Ralph Slooten
Robert Pirritano
Jan-Christoph Borchardt
Lukas Reschke
Markus Staab
Julius Härtl
Martin
Allan Nordhøy
Daniel Calviño Sánchez
Joas Schilling
Marin Treselj
Maxence Lange
Michael Letzgus
Bjoern Schiessle
Robin Appelman
Christoph Wurst
Pierre Rudloff
Roeland Jago Douma
Cornelius Kölbel
Sourav Badami
Felix Epp
coderkun
Raghu Nayyar
Arthur Schiwon
Hendrik Leppelsack
Lukas Reschke
Joachim Sokolowski
Joas Schilling
Christoph Wurst
Thomas Müller
Thomas Müller
Stefan Weil
C. Montero Luque
Daniel Aleksandersen
Vincent Chan
Vincent Petry