Commit Graph

8402 Commits

Author SHA1 Message Date
Thomas Müller 0751ee087f Merge pull request #14414 from owncloud/add-ini-helper
Add helper to check for `ini` values in `OC_Util::checkServer`
2015-02-22 20:44:02 +01:00
Jenkins for ownCloud ef09e5d395 [tx-robot] updated from transifex 2015-02-22 01:54:42 -05:00
Lukas Reschke 2f0f38761d Add helper to check for `ini` values in `OC_Util::checkServer`
This allows to check for specific values in the PHP.ini that ownCloud requires for full compatibility.

`mbstring.func_overload`: https://github.com/owncloud/core/issues/14372
`output_buffering`: http://doc.owncloud.org/server/8.0/admin_manual/configuration/big_file_upload_configuration.html#configuring-php

Fixes https://github.com/owncloud/core/issues/14372 and https://github.com/owncloud/core/issues/14412
2015-02-21 12:12:34 +01:00
Lukas Reschke fcc5f5a4f4 Merge pull request #13777 from owncloud/close-cursor
Close cursor for appframework and manipulation queries if applicable
2015-02-20 20:15:22 +01:00
Thomas Müller 3a6b11d018 Merge pull request #13767 from owncloud/issue/13764-mimetype-racecondition
Use insertIfNotExists() and reload mimetypes after inserting one
2015-02-20 17:39:17 +01:00
Lukas Reschke 50208308e3 Merge pull request #14359 from owncloud/add-satisfy-all
Add `Satisfy All`
2015-02-20 14:55:43 +01:00
Jenkins for ownCloud 79ef5eda96 [tx-robot] updated from transifex 2015-02-20 01:55:01 -05:00
Lukas Reschke 602e563d99 Merge pull request #14366 from owncloud/remove-old-l10n-files
Remove some old l10n files they arent loaded anymore
2015-02-19 23:31:21 +01:00
Morris Jobke 75a7bcb10c Merge pull request #14199 from owncloud/cast-type-manually
Manually type-cast all AJAX files
2015-02-19 17:19:54 +01:00
Arthur Schiwon 7ada41259c Port of #14041 to master
on ownCloud upgrade: upgrade all apps in order, load important ones

Fix "other" app update stack
2015-02-19 14:38:22 +01:00
Joas Schilling e52a63eccb Remove some old l10n files they arent loaded anymore 2015-02-19 11:58:40 +01:00
Thomas Müller 84eb00e428 Merge pull request #14342 from owncloud/disallow-path-traversals-in-file-view
Disallow path traversals in file view
2015-02-19 10:27:04 +01:00
Jenkins for ownCloud 294137dda6 [tx-robot] updated from transifex 2015-02-19 01:55:43 -05:00
Lukas Reschke 4decbc2efa Add `Satisfy All`
Fixes https://github.com/owncloud/core/issues/14356
2015-02-19 02:16:44 +01:00
Thomas Müller b32d31a2f1 Merge pull request #13836 from owncloud/part-no-cache-update
Dont update the cache when working with part files
2015-02-19 00:08:10 +01:00
Lukas Reschke 46ca0fa481 Add some basic PHPDoc to functions 2015-02-18 18:17:33 +01:00
Lukas Reschke 41e5850450 Prevent directory traversals in ctr of \OC\Files\View
This prevents a misusage of \OC\Files\View by calling it with user-supplied input. In such cases an exception is now thrown.
2015-02-18 18:17:33 +01:00
Clark Tomlinson 8d09cc3b91 Merge pull request #13989 from owncloud/enhancment/security/11857
Allow AppFramework applications to specify a custom CSP header
2015-02-18 10:27:29 -05:00
Clark Tomlinson 84cc90a0ee Merge pull request #14335 from owncloud/enable-strict-mode-per-deafult
Fix invalid `ini_set` directives
2015-02-18 10:06:12 -05:00
Lukas Reschke e4bf3fcb53 Merge pull request #14330 from owncloud/revert-13879-add_debug_log_for_memcache_instantiation
Revert "add debug log for memcache instantiation"
2015-02-18 15:45:38 +01:00
Lukas Reschke 593681a4a9 Fix invalid `ini_set` directives
Somehow they got messed up. Because PHP does automatic type juggling this has worked before as well however it's not guaranteed that this might work in the future as well.
2015-02-18 15:18:27 +01:00
Lukas Reschke cd4c064ebf Revert "add debug log for memcache instantiation" 2015-02-18 14:16:14 +01:00
Lukas Reschke a666f804c7 Use the untrusted domain in the installer 2015-02-18 13:59:37 +01:00
Lukas Reschke 1a41f8f6f9 Check if instance is not yet installed
Due to a security hardening in 8.1 a missing value of empty trusted domains in the config would provoke an error as this was misused by a lot of users.

This caused a problem where the initial installation happened from another domain than 127.0.0.1 as in this case the domain was considered untrusted as no value was defined. However, this special case should not get intercepted.

To test:
- [ ] Installing ownCloud on 127.0.0.1 works
- [ ] Installing ownCloud on another domain / IP works
- [ ] When setting up ownCloud from 127.0.0.1 and accessing it from the domain above the trusted domain error should be shown if not specified in the config

Fixes https://github.com/owncloud/core/issues/14320
2015-02-18 13:06:46 +01:00
Thomas Müller 2b1f39cd6b Merge pull request #14308 from owncloud/fix-14247
Add mapping for a broken varchar type.
2015-02-18 10:05:33 +01:00
Lukas Reschke ceaa193df2 Merge pull request #14273 from owncloud/require-at-least-apcu-4-0-6
Use APCu only if available in version 4.0.6 and higher
2015-02-18 01:07:54 +01:00
Morris Jobke 5d7d2adcbf Merge pull request #14207 from owncloud/propfind-optimize
Optimize quota calculation for propfind
2015-02-18 00:18:47 +01:00
Victor Dubiniuk 090db867d5 Add mapping for a broken varchar type. Fixes #14247 2015-02-17 23:22:57 +03:00
Lukas Reschke b701bbd8c5 Use APCu only if available in version 4.0.6 and higher
APCu before 4.0.6 is unbelievable buggy and tend to segfault the PHP process (i.e. the whole webserver)

This potentially fixes https://github.com/owncloud/core/issues/14175

Requires a backport to stable8
2015-02-17 13:28:02 +01:00
Lukas Reschke 76c511de92 Merge pull request #14056 from owncloud/refactor/13976
Refactor OC_Request into TrustedDomainHelper and IRequest
2015-02-17 13:17:04 +01:00
Jenkins for ownCloud 30ca14021c [tx-robot] updated from transifex 2015-02-17 01:56:23 -05:00
Lukas Reschke cebf9f6a5a Incorporate review changes 2015-02-16 22:13:03 +01:00
Lukas Reschke 992164446c Add blackmagic due to cyclic dependency 🙈 2015-02-16 22:13:01 +01:00
Lukas Reschke 9f91d64918 Make scrutinizer happy 2015-02-16 22:13:00 +01:00
Lukas Reschke 886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Thomas Müller 1a4b9b0c92 Merge pull request #14263 from owncloud/missing-visibility-activity-iextension
Add visibility to interface to make scrutinizer 1 step happier
2015-02-16 19:54:55 +01:00
Jörn Friedrich Dreyer 87db136508 add debug log for memcache instantiation 2015-02-16 18:05:43 +01:00
Joas Schilling f808acd317 Add visibility to interface to make scrutinizer 1 step happier 2015-02-16 17:46:43 +01:00
Morris Jobke 5a5d6bf4db Merge pull request #14128 from owncloud/drop-unused-methods
Remove unused function and correct PHPDoc
2015-02-16 17:37:36 +01:00
Thomas Müller 9271059195 Merge pull request #13750 from owncloud/enhanced-code-checker
Implement php code checker to detect usage of not allowed private ...
2015-02-16 16:55:57 +01:00
Joas Schilling 8eb804b1f6 Merge pull request #13269 from owncloud/issue/13211-cache-array-implementation
Add an array implementation of cache and use it if we are not debugging
2015-02-16 15:35:20 +01:00
Thomas Müller 9c47ab91f2 Merge pull request #14194 from owncloud/url-encode-logout-attribute
URLEncode logout attribute
2015-02-16 15:04:20 +01:00
Joas Schilling 8848b5f067 Add an array implementation of cache and use it if we are not debugging 2015-02-16 14:55:50 +01:00
Lukas Reschke c6705ab574 Merge pull request #13890 from owncloud/add-no-referrer
Add `rel="noreferrer"` where possible and switch to HTTPS
2015-02-16 14:36:44 +01:00
Lukas Reschke 7e45f5d27b Remove unused function and correct PHPDoc 2015-02-16 13:46:45 +01:00
Lukas Reschke 8791f1992e Add noreferrer to footer URI 2015-02-16 13:37:54 +01:00
Lukas Reschke a9d1a01440 Rename to allowEval 2015-02-16 12:30:21 +01:00
Thomas Müller 78febb2ee5 Merge pull request #14201 from owncloud/propagator-dont-decrease-mtime
Dont lower the mtime of a folder when propagating changes
2015-02-16 11:32:17 +01:00
Lukas Reschke b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00
Thomas Müller 09a33b11a4 Merge pull request #13809 from owncloud/fix-autoloader-message
Properly show the warning about the missing composer autoloader
2015-02-16 10:41:24 +01:00