| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |\
| |
| | |
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
|
| |\ \
| |/
|/| |
Honor avatar visibility settings
|
| | |
| |
| |
| | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #5456
Only when an avatar is set to public should we show it to the public.
For now this has an open question as to how to solve federated avatars.
But I assume a dedicated paramter or endpooint would make sense there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Otherwise we keep on using it with leading or trailing whitespaces for
app tokens and other logic. The reason this doesn't throw an error
immediately with local users is that (My)SQL compares strings regardless
of their padding by default. So we look up 'uid ' and get the row for
the user 'uid'.
Other back-ends will lead to a hard error, though, and the user is
unable to log out as all request fail.
Ref https://stackoverflow.com/a/10495807/2239067
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| | |
| |
| |
| | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \
| | |
| | | |
Some php-cs fixes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |/ /
| |
| |
| | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |/
|
|
|
|
|
|
| |
Resolves Issue #17885
Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.
Signed-off-by: RussellAult <russellault@users.noreply.github.com>
|
| |
|
|
|
|
|
| |
These annotations will allow for extra checks. And thus make it harder
to break things.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
| |
Fix Argument 1 passed to OC\Security\Crypto::decrypt() must be of the type string, null given
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
|
|
|
|
| |
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| | |
Add missing password reset page to vue
|
| | |
| |
| |
| | |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |\ \
| | |
| | | |
Use proper exception in lostController
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
The constructor is called with the userId. However if a user is not
logged in this is null. Which means that we get an exception instead of
this being handled gracefully in the middleware.
There are cleaner solutions. But this is the solution that is the
easiest to apply without lots of work and risk of breaking things
(handling the logged in middleware before initializing the controller
etc).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| | |
Prevent undefined offset 0 in findByUserIdOrMail
|
| | |
| |
| |
| | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |/
|
|
|
|
|
|
|
|
| |
There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59
Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034
Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
|
|
|
|
| |
This allows a user to mark a token for remote wipe.
Clients that support this can then wipe the device properly.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |\
| |
| | |
2FA setup during login
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |/
|
|
|
|
| |
Fixes #15480
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
|
|
| |
Otherwise the icon can not be displayed in mobile apps
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
|
|
| |
Searching for all is still a problem
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Move to vuex
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
