Côme Chilliet
c0ce272e9c
chore: Migrate away from OC::$server->getLogger
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
4 months ago
Anna Larch
6434ce96c9
Add timezone getter to ITimeFactory
Signed-off-by: Anna Larch <anna@nextcloud.com>
7 months ago
Maxence Lange
51fa22dc26
fix psalm
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
4 months ago
Maxence Lange
86835ee899
sync with new OCP\IAppConfig
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
4 months ago
John Molakvoæ
82b5a19a35
fix: public dav and files_sharing testing fixes
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Joas Schilling
f6b6776c93
fix(API): Use a distinct exception so apps can react to it and customize the return
Signed-off-by: Joas Schilling <coding@schilljs.com>
6 months ago
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
7 months ago
Ferdinand Thiessen
ecf9f0a872
fix(CSP): Only add `strict-dynamic` when using nonces
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
7 months ago
Ferdinand Thiessen
e231abd9bf
fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `script-src-elem`
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
7 months ago
Ferdinand Thiessen
7df9eb3351
feat(ContentSecurityPolicy): Allow to set `strict-dynamic` on `script-src-elem` only
This adds the possibility to set `strict-dynamic` on `script-src-elem` only while keep the default rules for `script-src`.
The idea is to allow loading module js which imports other files and thus does not allow nonces on import but on the initial script tag.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
7 months ago
Joas Schilling
ffc1bb774b
feat(openapi): Add OpenAPI attribute to allow multiple scopes and overwriting tags
Signed-off-by: Joas Schilling <coding@schilljs.com>
7 months ago
Marcel Klehr
8339b5b128
fix: Minor copypasta
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
8 months ago
Marcel Klehr
cee5aa84f0
fix(Text2Image): Fix psalm errors
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
8 months ago
Côme Chilliet
1202171b32
Fix docblock and types for new public API
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
8 months ago
Carl Schwan
eb1d612d96
Add api to register setup checks
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2 years ago
Côme Chilliet
500374a8e7
Fix registerEventListener signature
It seems now psalm correctly supports this.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
9 months ago
Joas Schilling
0a4fbaddc7
Fix version number in ITimeFactory after it was delayed
Signed-off-by: Joas Schilling <coding@schilljs.com>
8 months ago
Git'Fellow
066f6ef16c
Stop sending deprecated Pragma header
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
10 months ago
Anna Larch
66c1aa4a3c
fix(utility): De- deprecate getDateTime as now() only returns immutable objects
This will mean lots of code like
```$dateTime = (new DateTime())->setTimestamp(ITimeFactory::now()->getTimestamp()```
if a regular DateTime object is needed
Signed-off-by: Anna Larch <anna@nextcloud.com>
11 months ago
Robin Appelman
ccf57e0715
add separate event for rendering login page template
Signed-off-by: Robin Appelman <robin@icewind.nl>
10 months ago
Daniel Calviño Sánchez
41f2d912d2
Allow "wasm-unsafe-eval" in CSP
If a page has a Content Security Policy header and the `script-src` (or
`default-src`) directive does not contain neither `wasm-unsafe-eval` nor
`unsafe-eval` loading and executing WebAssembly is blocked in the page
(although it is still possible to load and execute WebAssembly in a
worker thread).
Although the Nextcloud classes to manage the CSP already supported
allowing `unsafe-eval` this affects not only WebAssembly, but also the
`eval` operation in JavaScript.
To make possible to allow WebAssembly execution without allowing
JavaScript `eval` this commit adds support for allowing
`wasm-unsafe-eval`.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
1 year ago
Joas Schilling
1b387bb341
fix!: Remove legacy event dispatching Symfony's GenericEvent from AdditionalScripts
Signed-off-by: Joas Schilling <coding@schilljs.com>
11 months ago
Marcel Klehr
ffe27ce14c
Massive refactoring: Turn LanguageModel OCP API into TextProcessing API
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
11 months ago
jld3103
2d6a62ccee
Add IgnoreOpenAPI attribute
Signed-off-by: jld3103 <jld3103yt@gmail.com>
11 months ago
Marcel Klehr
069962d04f
Since 27.1.0
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
11 months ago
Marcel Klehr
fb55afc9ff
Update lib/public/AppFramework/Bootstrap/IRegistrationContext.php
Co-authored-by: Daniel <mail@danielkesselberg.de>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
1 year ago
Marcel Klehr
795b097122
LLM OCP API: Implement ocs API
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
1 year ago
Christoph Wurst
14719110b9
chore: Replace \OC::$server->query with \OCP\Server::get in /lib
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
1 year ago
Louis Chemineau
407c361b91
Add OCSPreconditionFailedException
Signed-off-by: Louis Chemineau <louis@chmn.me>
11 months ago
jld3103
b0001c6010
Add template types to responses
Signed-off-by: jld3103 <jld3103yt@gmail.com>
1 year ago
Christoph Wurst
08a3f37695
chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
1 year ago
Git'Fellow
5b5895a130
Drop meta robots tag
Revert mistake
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
1 year ago
Faraz Samapoor
bf38c0a3d1
Refactors "strpos" calls in lib/public to improve code readability.
Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>
1 year ago
Joas Schilling
5b2d5767e1
fix(docs): Fix language and copy-paste class name in docs of CSP
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Julius Härtl
050c6d53b3
enh: Provide atomicRetry method to retry transactions if possible
Signed-off-by: Julius Härtl <jus@bitgrid.net>
1 year ago
Simon L
d55a7c619d
Fix typos in lib/public subdirectory
Found via `codespell -q 3 -S l10n -L jus ./lib/public`
Signed-off-by: luz paz <luzpaz@github.com>
Update lib/public/Accounts/IAccount.php
Signed-off-by: luz paz <luzpaz@github.com>
Signed-off-by: Simon L <szaimen@e.mail.de>
Co-Authored-By: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
1 year ago
Daniel Kesselberg
eecdb62e92
fix: add workaround for oci and limit queries
DBAL uses a helper column "doctrine_rownum" for top-n queries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
1 year ago
Joas Schilling
ecb8b55c5c
feat(security): Add PHP \Attribute for remaining security annotations
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Joas Schilling
89c3c31402
feat(ratelimit): Add Attributes support to rate limit middleware
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Christoph Wurst
2c0cfd3772
feat(app-framework): Add native argument types for middleware
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
1 year ago
Ferdinand Thiessen
bdbff2181e
fix: Allow to catch `IMapperException` by implementing `Throwable`
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
1 year ago
Marcel Klehr
317521b607
feat(SpeechToText): Add SpeechToText provider API
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
1 year ago
jld3103
b153340b62
Add type hints for mappers
Signed-off-by: jld3103 <jld3103yt@gmail.com>
1 year ago
Joas Schilling
e839eb9b5c
feat(middleware): Migrate BruteForceProtection annotation to PHP Attribute and allow multiple
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Joas Schilling
c297f8ee96
feat(appframework): ⌚ Make ITimeFactory extend \PSR\Clock\ClockInterface
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Julius Härtl
3e63298381
feat(translations): Add translation provider API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
1 year ago
MichaIng
5f90b8eb11
Change X-Robots-Tag header from "none" to "noindex, nofollow"
While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines.
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names
https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list
https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240
Signed-off-by: MichaIng <micha@dietpi.com>
1 year ago
Joas Schilling
6f3ce5c319
Also copy bruteforce meta data when converting DataResponse to JSONResponse
Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Ferdinand Thiessen
ba8a50c059
fix: Throw `NotFoundExceptionInterface` to fulfill PSR container interface if class not found
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
1 year ago
Louis Chemineau
4ab3c16403
Pluggable share provider
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Signed-off-by: Louis Chemineau <louis@chmn.me>
1 year ago