nextcloud-server.git - Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

	Commit message (Collapse)	Author	Age	Files	Lines
*	Use SystemConfig instead of AllConfig for DB stuff	Morris Jobke	2017-03-19	1	-2/+2
\| \| \| \| \| \|	* preparation for followup PRs to clean up the DB bootstrapping Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Check that set_time_limit is not disabled before calling it	Ko-	2017-03-11	1	-1/+3
\| \| \| \|	Signed-off-by: Ko- <k.stoffelen@cs.ru.nl>
*	Remove legacy class OC_Group and OC_User	Morris Jobke	2017-03-09	1	-1/+1
\| \| \| \| \| \|	* basically a straight replacement of the wrapped code at the calling code parts Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Extend Same Site cookie user_saml exemption rule	Vincent Vanackere	2017-03-07	1	-1/+1
\| \| \| \| \| \| \|	The current check does not trigger if $request->getRequestUri() does not return index.php as a prefix (on my config this was occuring using nginx to serve Nextcloud) Signed-off-by: Vincent Vanackere <vincent.vanackere@trustelem.com>
*	Remove deprecated OC_User::isLoggedIn	Sebastian Wessalowski	2017-03-02	1	-2/+2
\| \| \| \|	Signed-off-by: Sebastian Wessalowski <sebastian@wessalowski.org>
*	Clean up single user mode	Morris Jobke	2017-02-22	1	-27/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Single user mode basically disables WebDAV, OCS and cron execution. Since we heavily rely on WebDAV and OCS also in the web UI it's basically useless. An admin only sees a broken interface and can't even change any settings nor sees any files. Also sharing is not possible. As this is at least the case since Nextcloud 9 and we haven't received any reports for this it seems that this feature is not used at all so I removed it. The encryption commands now rely on the well tested maintenance mode. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Fix public page css fallback loading	John Molakvoæ (skjnldsv)	2017-02-01	1	-4/+0
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Merge pull request #3004 from nextcloud/fix-installation-css	Lukas Reschke	2017-01-22	1	-5/+6
\|\ \| \| \| \|	Fixed installation page
\| *	Create unified css file and merge all needed data into this file	John Molakvoæ (skjnldsv)	2017-01-10	1	-5/+6
\| \| \| \| \| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* \|	Merge pull request #2914 from nextcloud/logrotate-logfile	Morris Jobke	2017-01-10	1	-1/+1
\|\ \ \| \| \| \| \| \|	Get the logfile location while running the logrotate cron job instead…
\| * \|	Get the logfile location while running the logrotate cron job instead of ↵	Robin Appelman	2017-01-06	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	when registering the job Signed-off-by: Robin Appelman <robin@icewind.nl>
* \| \|	Merge pull request #2943 from nextcloud/kill_old_preview_code	Morris Jobke	2017-01-10	1	-17/+0
\|\ \ \ \| \| \| \| \| \| \| \|	Cleanup old preview code
\| * \| \|	Remove old preview code	Roeland Jago Douma	2017-01-04	1	-17/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* \OC\Preview is no more * \Test\PreviewTests is no more * PreviewHooks in base.php are gone Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* \| \| \|	Merge pull request #2925 from nextcloud/remove-close-wrapper	Roeland Jago Douma	2017-01-10	1	-3/+0
\|\ \ \ \ \| \|_\|_\|/ \|/\| \| \|	replace close:// streamwrapper with CallBackWrapper
\| * \| \|	replace close:// streamwrapper with CallBackWrapper	Robin Appelman	2017-01-06	1	-3/+0
\| \| \|/ \| \|/\| \| \| \| \| \| \|	Signed-off-by: Robin Appelman <robin@icewind.nl>
* / \|	Allow access to CSS resources	Lukas Reschke	2017-01-09	1	-8/+16
\|/ / \| \| \| \| \| \| \| \| \| \|	Fixes https://github.com/nextcloud/server/issues/2984 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* \|	Merge pull request #2934 from nextcloud/quota-stream-non-global	Roeland Jago Douma	2017-01-06	1	-1/+0
\|\ \ \| \| \| \| \| \|	remove the need to register the quota streamwrapper globally
\| * \|	remove the need to register the quota streamwrapper globally	Robin Appelman	2017-01-04	1	-1/+0
\| \|/ \| \| \| \| \| \|	Signed-off-by: Robin Appelman <robin@icewind.nl>
* \|	Theme update pages via CSS	Morris Jobke	2017-01-06	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	* SCSS on-the-fly generation isn't allowed during update * fallback to plain CSS Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* \|	remove static:// stream wrapper	Robin Appelman	2017-01-04	1	-1/+0
\|/ \| \| \|	Signed-off-by: Robin Appelman <robin@icewind.nl>
*	remove no longer used fakedir stream wrapper	Robin Appelman	2017-01-03	1	-1/+0
\| \| \| \|	Signed-off-by: Robin Appelman <robin@icewind.nl>
*	Merge pull request #2322 from nextcloud/compat-with-chrome54	Morris Jobke	2016-11-25	1	-9/+0
\|\ \| \| \| \|	Remove exception for Chrome on Mobile
\| *	Remove exception for Chrome on Mobile	Lukas Reschke	2016-11-24	1	-9/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This didn't really work anyways and Chrome 54 for Android has been pushed out via Google Play on October 19th. So we should remove this. This is only in master and doesn't affect any stable branch. Fixes https://github.com/nextcloud/server/issues/2318 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* \|	Merge pull request #2276 from nextcloud/update-email-address	Morris Jobke	2016-11-25	1	-0/+6
\|\ \ \| \|/ \|/\|	Update email address
\| *	bring back setEmailAddress for the user management	Bjoern Schiessle	2016-11-25	1	-1/+1
\| \| \| \| \| \| \| \|	Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
\| *	update accounts table if email address or display name changes from outside	Bjoern Schiessle	2016-11-25	1	-0/+6
\| \| \| \| \| \| \| \|	Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* \|	Harden cookies more appropriate	Lukas Reschke	2016-11-23	1	-1/+9
\|/ \| \| \| \| \| \| \| \| \|	This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening. See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications. Fixes https://github.com/nextcloud/server/issues/1412 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
*	Show all in one message	Joas Schilling	2016-11-16	1	-4/+9
\| \| \| \|	Signed-off-by: Joas Schilling <coding@schilljs.com>
*	add explanatory text of what to do on app version error	Jan-Christoph Borchardt	2016-11-16	1	-2/+2
\| \| \| \|	Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
*	Merge pull request #1973 from ↵	Morris Jobke	2016-11-02	1	-1/+11
\|\ \| \| \| \| \| \| \| \|	nextcloud/dont-disable-shipped-apps-but-throw-instead Throw an exception when a shipped app was not replaced before the update
\| *	Throw an exception when a shipped app was not replaced before the update	Joas Schilling	2016-11-02	1	-1/+11
\| \| \| \| \| \| \| \|	Signed-off-by: Joas Schilling <coding@schilljs.com>
* \|	bring back remember-me	Christoph Wurst	2016-11-02	1	-0/+6
\|/ \| \| \| \| \| \| \| \| \|	* try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
*	Remove all unneeded set_include_path()	Thomas Müller	2016-10-25	1	-6/+1
\|
*	Throw exception because the logger causes session issues anyway that early ↵	Morris Jobke	2016-10-24	1	-1/+1
\| \| \| \| \| \|	in the request cycle Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	log error when setting timezone to UTC fails (#26354)	Jörn Friedrich Dreyer	2016-10-24	1	-1/+3
\| \| \| \|	Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
*	Get rid of very old oc:// stream wrapper (#26381)	Vincent Petry	2016-10-20	1	-1/+0
\|
*	Don't check for Same-Site cookie on Chrome Android	Lukas Reschke	2016-09-20	1	-0/+8
\| \| \| \| \| \| \| \|	Chrome on Android has a bug that it doesn't sent cookies with the same-site attribute for the download manager. To work around that all same-site cookies get deleted and recreated directly. Awesome! FIXME: Remove once Chrome 54 is deployed to end-users @see https://github.com/nextcloud/server/pull/1454
*	Add exemptions for incompatible UAs	Lukas Reschke	2016-09-08	1	-1/+15
\| \| \| \| \| \| \|	Some user agents are notorious and don't really properly follow HTTP specifications. For those, have an automated opt-out. Since the protection for remote.php is applied in base.php as starting point we need to opt out here.
*	Allow to call status.php before the instance is installed	Joas Schilling	2016-09-06	1	-1/+1
\|
*	Short circuit processing of the heartbeat request	Robin Appelman	2016-08-30	1	-0/+3
\|
*	Fix redirection taking care of protocol and port	Juan Pablo Villafáñez	2016-08-29	1	-1/+1
\|
*	check registered sections and settings after an app got updated to garbage ↵	Arthur Schiwon	2016-08-16	1	-0/+8
\| \| \| \|	collect orphaned classes
*	attempt to remove section and settings entries when an app got disabled	Arthur Schiwon	2016-08-16	1	-0/+9
\|
*	Merge pull request #660 from gdamjan/custom-config-dir	Morris Jobke	2016-08-09	1	-1/+3
\|\ \| \| \| \|	introduce NEXTCLOUD_CONFIG_DIR env variable (see #300)
\| *	introduce NEXTCLOUD_CONFIG_DIR env variable (see #300)	Damjan Georgievski	2016-07-29	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	nextcloud by default uses the `/config/` directory in the source/application tree for its config file(s). with this commit that directory can be overridden by the `NEXTCLOUD_CONFIG_DIR` environment variable. in uwsgi, you would use the option `--env "NEXTCLOUD_CONFIG_DIR=/tmp/nx-config/"` in apache `SetENV …` and the cli command can be run with: `NEXTCLOUD_CONFIG_DIR=/tmp/nx-config ./occ` (or just use `export` once in the shell). NEXTCLOUD_CONFIG_DIR can be supplied with or without the trailing slash (`/`), but in all cases `$configDir` will have it automatically added if needed. The other changes are several occurrences of `OC::$SERVERROOT . '/config'` to `OC::$configDir`.
* \|	reduce info on update screens, introduce button to refresh	Jan-Christoph Borchardt	2016-08-04	1	-2/+2
\|/
*	Update with robin	Joas Schilling	2016-07-21	1	-1/+1
\|
*	Fix others	Joas Schilling	2016-07-21	1	-4/+6
\|
*	Merge pull request #479 from nextcloud/add-bruteforce-throttler	Lukas Reschke	2016-07-21	1	-1/+1
\|\ \| \| \| \|	Implement brute force protection
\| *	Implement brute force protection	Lukas Reschke	2016-07-20	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)