nextcloud

트리: 274867f273

작성자	SHA1	메시지	날짜
Joas Schilling	d078d53683	Fix tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2 년 전
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4 년 전
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	4 년 전
Morris Jobke	43e498844e	Use ::class in test mocks Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 년 전
Roeland Jago Douma	2fa9e67294	Fix phpunit-5.4 wargning * getMock is deprecated. * \PDOStatement mocking fails hard on phpunit 4.8	8 년 전
Joas Schilling	94ad54ec9b	Move tests/ to PSR-4 (#24731) * Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader	8 년 전
Joas Schilling	9eade36ae5	Fix namespaces in AppFramework tests	8 년 전
Lukas Reschke	8133d46620	Remove dependency on ICrypto + use XOR	8 년 전
Lukas Reschke	8313a3fcb3	Add mitigation against BREACH While BREACH requires the following three factors to be effectively exploitable we should add another mitigation: 1. Application must support HTTP compression 2. Response most reflect user-controlled input 3. Response should contain sensitive data Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed. To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.	9 년 전
Lukas Reschke	886bda5f81	Refactor OC_Request into TrustedDomainHelper and IRequest This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed. This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions. Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though. Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969	9 년 전
Lukas Reschke	770fa761b8	Respect `mod_unique_id` and refactor `OC_Request::getRequestId` When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs. Testplan: - [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`. - [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string - [ ] The generated Id is stable over the lifespan of one request Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI. Fixes https://github.com/owncloud/core/issues/13366	9 년 전
Bernhard Posselt	b89ddcfe41	fix license email	9 년 전
Joas Schilling	6202ca33ba	Make remaining files extend the test base	9 년 전
Bernhard Posselt	9a4d204b55	add cors middleware remove methodannotationreader namespace fix namespace for server container fix tests fail if with cors credentials header is set to true, implement a reusable preflighted cors method in the controller baseclass, make corsmiddleware private and register it for every request remove uneeded local in cors middleware registratio dont uppercase cors to easily use it from routes fix indention comment fixes explicitely set allow credentials header to false dont depend on better controllers PR, fix that stuff later split cors methods to be in a seperate controller for exposing apis remove protected definitions from apicontroller since controller has it	10 년 전

6 커밋 (274867f27319bae68a687dee65f6fdb0c927cacc)