aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorCôme Chilliet <91878298+come-nc@users.noreply.github.com>2024-01-16 09:04:24 +0100
committerGitHub <noreply@github.com>2024-01-16 09:04:24 +0100
commit80d58f01629214a769e20e5381dd2bac915fdd2d (patch)
treeb2c757b0d28ec785cf7d84d21f00dcd664f8fb68 /core
parent587057b0edf4e3b17772cdcc686021ea6d6c938b (diff)
parenta2915d4e222ea479d8498d33d8086a055672da2f (diff)
downloadnextcloud-server-80d58f01629214a769e20e5381dd2bac915fdd2d.tar.gz
nextcloud-server-80d58f01629214a769e20e5381dd2bac915fdd2d.zip
Merge pull request #41312 from nextcloud/feat/migrate-code-integrity-check
Diffstat (limited to 'core')
-rw-r--r--core/js/setupchecks.js30
-rw-r--r--core/js/tests/specs/setupchecksSpec.js17
2 files changed, 18 insertions, 29 deletions
diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index 9eacb1b137a..99e289e5e54 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -230,16 +230,6 @@
type: OC.SetupChecks.MESSAGE_TYPE_WARNING
});
}
- if(!data.hasPassedCodeIntegrityCheck) {
- messages.push({
- msg: t('core', 'Some files have not passed the integrity check. Further information on how to resolve this issue can be found in the {linkstart1}documentation ↗{linkend}. ({linkstart2}List of invalid files…{linkend} / {linkstart3}Rescan…{linkend})')
- .replace('{linkstart1}', '<a target="_blank" rel="noreferrer noopener" class="external" href="' + data.codeIntegrityCheckerDocumentation + '">')
- .replace('{linkstart2}', '<a href="' + OC.generateUrl('/settings/integrity/failed') + '">')
- .replace('{linkstart3}', '<a href="' + OC.generateUrl('/settings/integrity/rescan?requesttoken={requesttoken}', {'requesttoken': OC.requestToken}) + '">')
- .replace(/{linkend}/g, '</a>'),
- type: OC.SetupChecks.MESSAGE_TYPE_ERROR
- });
- }
if(!data.isSettimelimitAvailable) {
messages.push({
msg: t('core', 'The PHP function "set_time_limit" is not available. This could result in scripts being halted mid-execution, breaking your installation. Enabling this function is strongly recommended.'),
@@ -317,6 +307,15 @@
return deferred.promise();
},
+ escapeHTML: function(text) {
+ return text.toString()
+ .split('&').join('&amp;')
+ .split('<').join('&lt;')
+ .split('>').join('&gt;')
+ .split('"').join('&quot;')
+ .split('\'').join('&#039;')
+ },
+
/**
* @param message The message string containing placeholders.
* @param parameters An object with keys as placeholders and values as their replacements.
@@ -327,11 +326,13 @@
for (var [placeholder, parameter] of Object.entries(parameters)) {
var replacement;
if (parameter.type === 'user') {
- replacement = '@' + parameter.name;
+ replacement = '@' + this.escapeHTML(parameter.name);
} else if (parameter.type === 'file') {
- replacement = parameter.path || parameter.name;
+ replacement = this.escapeHTML(parameter.path) || this.escapeHTML(parameter.name);
+ } else if (parameter.type === 'highlight') {
+ replacement = '<a href="' + encodeURI(parameter.link) + '">' + this.escapeHTML(parameter.name) + '</a>';
} else {
- replacement = parameter.name;
+ replacement = this.escapeHTML(parameter.name);
}
message = message.replace('{' + placeholder + '}', replacement);
}
@@ -350,6 +351,9 @@
}
var message = setupCheck.description;
+ if (message) {
+ message = this.escapeHTML(message)
+ }
if (setupCheck.descriptionParameters) {
message = this.richToParsed(message, setupCheck.descriptionParameters);
}
diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js
index a407fbb145a..5e879974fc9 100644
--- a/core/js/tests/specs/setupchecksSpec.js
+++ b/core/js/tests/specs/setupchecksSpec.js
@@ -226,7 +226,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -272,7 +271,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -318,7 +316,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -364,7 +361,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: false,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -409,7 +405,6 @@ describe('OC.SetupChecks tests', function() {
isFairUseOfFreePushService: true,
reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html',
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: false,
cronErrors: [],
cronInfo: {
@@ -454,7 +449,6 @@ describe('OC.SetupChecks tests', function() {
isFairUseOfFreePushService: true,
reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html',
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -530,7 +524,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -581,7 +574,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -629,7 +621,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -674,7 +665,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -716,7 +706,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -748,7 +737,6 @@ describe('OC.SetupChecks tests', function() {
});
});
-
it('should return an error if gmp or bcmath are not enabled', function(done) {
var async = OC.SetupChecks.checkSetup();
@@ -761,7 +749,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -805,7 +792,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {
@@ -837,7 +823,7 @@ describe('OC.SetupChecks tests', function() {
async.done(function( data, s, x ){
expect(data).toEqual([{
- msg: 'Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add "default_phone_region" with the respective ISO 3166-1 code of the region to your config file. For more details see the <a target="_blank" rel="noreferrer noopener" class="external" href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements">documentation ↗</a>.',
+ msg: 'Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add &quot;default_phone_region&quot; with the respective ISO 3166-1 code of the region to your config file. For more details see the <a target="_blank" rel="noreferrer noopener" class="external" href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements">documentation ↗</a>.',
type: OC.SetupChecks.MESSAGE_TYPE_INFO
}]);
done();
@@ -856,7 +842,6 @@ describe('OC.SetupChecks tests', function() {
suggestedOverwriteCliURL: '',
isFairUseOfFreePushService: true,
isCorrectMemcachedPHPModuleInstalled: true,
- hasPassedCodeIntegrityCheck: true,
isSettimelimitAvailable: true,
cronErrors: [],
cronInfo: {