nextcloud/tests
Lukas Reschke 202530f4f3
Soften the cookie check if no cookies are sent
When no cookies are sent it is not required to perform any check for the strict or lax cookie, it does not provide any significant security advantage.

It does however interfer with the Android client which requests thumbnails from the unofficial API at `/index.php/apps/files/api/v1/thumbnail/256/256/{filename}`. This endpoint expects the strict cookie to be existent to not leak the existence of files. The Android client authenticates against this endpoint using Basic Auth and without cookies in some cases at least. This will make these endpoints work again with such cases.

To test this issue the following cURL command once without the patch and once with:

> curl http://localhost/index.php/apps/files/api/v1/thumbnail/256/256/welcome.txt  -u admin -v

Without the patch the request is redirected (which the client does not obey) and with the patch the preview is returned.
2016-06-15 11:50:26 +02:00
..
acceptance correct delete-icon to icon-delete, fix #11128 2014-09-22 18:17:33 +02:00
apps [App Code Check] add check for version and mandatory fields 2015-09-24 11:58:12 +02:00
core Merge pull request #18444 from owncloud/occ-config-types 2016-01-25 10:02:51 +01:00
data [stable9] Read available l10n files also from theme folder 2016-04-04 13:29:04 +02:00
docker/mariadb Use official mariadb docker 2016-02-11 14:17:17 +01:00
lib Soften the cookie check if no cookies are sent 2016-06-15 11:50:26 +02:00
objectstore local entrypoint.sh isn't needed - all fixes are upstream 2016-03-01 13:54:46 +01:00
ocs Following the spec: 2015-08-05 17:49:44 +02:00
ocs-provider Fix formatting of response 2016-02-25 19:05:05 +01:00
settings Merge pull request #22551 from owncloud/make-exceptions-easier-to-debug 2016-02-23 10:23:03 +01:00
travis Make Travis CI pass when DAV was not touched 2015-10-29 10:14:45 +01:00
apps.php do not execute integration tests when executing autotest.sh 2015-05-15 16:38:21 +02:00
bootstrap.php Load all enabled apps in test bootstrap 2015-09-07 16:06:53 +01:00
enable_all.php implementation of the federated share provider 2016-02-08 11:30:48 +01:00
karma.config.js Add system tags filter section for files app 2016-02-09 10:59:29 +01:00
phpunit-autotest-external.xml remove deprecated strict setting 2015-12-09 12:10:12 +01:00
phpunit-autotest.xml Fix coverage reporting 2016-02-16 14:21:28 +01:00
phpunit.xml.dist Add endpoint with list of OCS providers 2015-06-27 18:23:49 +02:00
preseed-config.php Do not add apps2/ directory if it does not exist 2015-03-19 09:07:29 +01:00
startsessionlistener.php Make compatible with PHPUnit 5.1 2015-12-10 09:22:41 +01:00