Commit Graph

47 Commits

Author SHA1 Message Date
Lukas Reschke a977465af5 Add new CSRF manager for unit testing purposes
This adds a new CSRF manager for unit testing purposes, it's interface is based upon https://github.com/symfony/security-csrf. Due to some of our required custom changes it is however not possible to use the Symfony component directly.
2016-01-25 20:03:40 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Morris Jobke fa97e3a5a3 OC_TemplateLayout -> OC\TemplateLayout 2016-01-07 09:31:11 +01:00
Roeland Jago Douma c64e827f00 Since avatar.js is now essentially empty remove it 2015-12-17 16:32:18 +01:00
Vincent Petry 064dcc079d Load base64 polyfill in IE and friends 2015-12-14 17:50:33 +01:00
Lukas Reschke 4b293dffe5 Use \OCP\Util::sanitizeHTML instead of \OC_Util::sanitizeHTML 2015-12-08 08:56:47 +01:00
Vincent Petry a05e40932c Now using IE8 workaround of davclient.js for all IE versions 2015-11-22 16:05:52 +01:00
Vincent Petry fb3d5c7856 Add evert's davclient.js + es6-promise + IE8 workaround
- Add davclient.js lib
- Add es6-promise required by that lib
- Wrote IE8 workaround lib/shim for davclient.js
2015-11-22 16:05:49 +01:00
Thomas Müller 8169e4fdc8 Merge pull request #20465 from owncloud/forms.css
Move form styles from styles.css to inputs.css
2015-11-16 15:29:02 +01:00
Hendrik Leppelsack 7ab56de58b move form styles from styles.css to inputs.css 2015-11-13 00:19:57 +01:00
Joas Schilling c9753655dc Do not use the asset pipeline when doing updates 2015-11-11 18:18:33 +01:00
Raghu Nayyar 56b537271e Global Classes for Core.
Move up the global styles up the hierarchy.

Adds Clear Left, Right and both.

New CSS file for Global Styles.
2015-11-02 20:54:02 +05:30
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Thomas Müller 70ba594f45 Merge pull request #19537 from owncloud/fix-white-page-of-death
Fixes last causes for WSOD
2015-10-07 14:55:11 +02:00
Joas Schilling 937fb70757 Do not trigger the update exception when we already show an error 2015-10-07 08:07:52 +02:00
Morris Jobke 285e73ac72 validate HTTP protocol in case of an exception 2015-10-06 15:25:31 +02:00
Morris Jobke b05422544d Fixes last causes for WSOD
* print plain text if rendering of exception/error page is not possible
2015-10-06 10:20:53 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Individual IT Services 2e42f99d00 add $prepend option to addStyle() & addVendorStyle() 2015-09-25 15:41:55 +05:45
Thomas Müller 5a11e145da Clean code 2015-09-24 11:03:01 +02:00
Individual IT Services bf1cb20e90 do not load unnecessary code in case of webdav
changing from "protected static" to "protected"
as suggested by @nickvergessen
https://github.com/owncloud/core/pull/19114#discussion_r39719851

moving initTemplate() into template constr.

reduce to move initTemplate only

cleanup spaces
2015-09-23 11:57:10 +02:00
Morris Jobke e88b380973 Remove DEBUG constant and use config value
* introduces config.php option 'debug' that defaults to false
* migrate DEBUG constant to config value
2015-08-24 15:14:05 +02:00
Lukas Reschke c6a181d00b [PHP 7] Change type hint to also accept Errors
PHP 7 changed the exception types and thus our error handler needs to be able to catch this.

Without this in some cases just a white page is shown instead of an error message.
2015-08-04 11:54:05 +02:00
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Robin Appelman 2df20aaffb show exception type in debug mode 2015-03-20 03:51:21 +01:00
Morris Jobke 06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud 6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke 886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Lukas Reschke 770fa761b8 Respect `mod_unique_id` and refactor `OC_Request::getRequestId`
When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.

Testplan:

- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request

Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.

Fixes https://github.com/owncloud/core/issues/13366
2015-02-09 11:53:11 +01:00
Adam Williamson bb79aac78a allow css/js asset directory to be relocated (#13053)
This allows the directory where CSS/JS asset collections are
written to be changed, in case SERVERROOT is not writeable. Note
it does *not* allow the expected URL to be changed: whatever
directory is used, the server must be configured to serve it
at WEBROOT/assets. It may be possible to add another config
parameter to allow the admin to specify a custom asset URL,
but I thought I'd keep the first implementation simple.
2015-01-05 15:24:23 -08:00
drarko faaa1a89cb Fix extra quotes in custom tags in header
Fix #12939
2014-12-18 12:40:08 -03:00
Morris Jobke 952abdc51a Drop form_factor that is appended to JS, CSS and template filenames 2014-11-12 13:07:23 +01:00
Lukas Reschke 510d0b2cf3 Fix the "addHeader($tag, $attributes, $text)" methods to not ignore the $text parameter
Also support closing tags with no text content given

Conflicts:
	lib/private/template.php
2014-10-28 11:15:58 +01:00
Thomas Müller 93b0f1a3bf adding cssmin and jssmin(minify)
adding argument deleteSelf to rmdirr() - if false the directory itself will not be deleted only it's content

adding repair step to clean the asset cache after upgrade + coding style adjustments
2014-10-17 12:22:26 +02:00
Lukas Reschke 6d3757f864 Do not show exception to the end-user
Log the error instead of potentially leaking sensitive information
2014-09-17 13:17:52 +02:00
Robin Appelman d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Robin Appelman 3de69ff81b Don't register the call when rendering error pages 2014-08-29 15:44:39 +02:00
Jörn Friedrich Dreyer f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Lukas Reschke 9ab62ad5b7 Escape error messages 2014-08-27 17:01:51 +02:00
Morris Jobke dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Vincent Petry 04f73275ba Now settings CSS class with appid in content DIV 2014-05-15 17:51:04 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Lukas Reschke a2a850dd91 Fix indentation 2014-04-13 11:52:31 +02:00
Lukas Reschke df67a04385 Move security headers to base.php
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
Jörn Friedrich Dreyer 2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Vincent Petry 2a1d6d3106 Do not use L10n when logging exceptions
In some specific situations, the L10N bundle isn't loadable yet (for
example when there is an issue with the app_config table). In such case,
we still want to be able to log the real exception.

This fixes errors that say "OC_L10N_String::__toString must not throw
exceptions"
2013-12-16 15:11:13 +01:00
Thomas Müller 9c9dc276b7 move the private namespace OC into lib/private - OCP will stay in lib/public
Conflicts:
	lib/private/vcategories.php
2013-09-30 16:36:59 +02:00