aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/AppFramework/Http
Commit message (Collapse)AuthorAgeFilesLines
...
* Don't try to parse empty body if there is no bodyRoeland Jago Douma2017-04-041-0/+2
| | | | | | | | | | | | Fixes #3890 If we do a put request without a body the current code still tries to read the body. This patch makes sure that we do not try to read the body if the content length is 0. See RFC 2616 Section 4.3 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* dont require strict same site cookies for ocs requestsRoeland Jago Douma2017-03-091-0/+3
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix detection of the new iOS appJoas Schilling2017-02-101-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* oc_token should be nc_tokenChristoph Wurst2017-02-021-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Harden cookies more appropriateLukas Reschke2016-11-231-2/+31
| | | | | | | | | | This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening. See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications. Fixes https://github.com/nextcloud/server/issues/1412 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* allow passing a stream to StreamResponseRobin Appelman2016-11-161-2/+7
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Identify Chromium as ChromeJoas Schilling2016-10-261-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #797 from nextcloud/only-match-for-auth-cookieJoas Schilling2016-08-311-2/+15
|\ | | | | Match only for actual session cookie
| * Match only for actual session cookieLukas Reschke2016-08-091-2/+15
| | | | | | | | OVH has implemented load balancing in a very questionable way where the reverse proxy actually internally adds some cookies which would trigger a security exception. To work around this, this change only checks for the session cookie.
* | Remove reading PATH_INFO from server variableLukas Reschke2016-08-191-4/+0
| | | | | | | | | | | | Having two code paths for this is unreliable and can lead to bugs. Also, in some cases Apache isn't setting the PATH_INFO variable when mod_rewrite is used. Fixes https://github.com/nextcloud/server/issues/983
* | Remove IE_8 user agent stringRoeland Jago Douma2016-08-161-1/+0
|/
* Merge pull request #507 from nextcloud/run-le-scriptMorris Jobke2016-07-213-6/+9
|\ | | | | Update emails and license headers with latest changes
| * Update with robinJoas Schilling2016-07-211-1/+1
| |
| * Fix othersJoas Schilling2016-07-213-5/+8
| |
* | AppFramework do not get default responseRoeland Jago Douma2016-07-201-2/+6
|/ | | | | | | | | The OCSResponse differs from other responses in that it defaults to XML. However we fell back to json by default. This makes sure that if nothing is set we don't pass anything. Which defaults then to the controllers default (which is often 'json') but in the case of the OCSResponse 'xml'.
* [master] Port Same-Site Cookies to masterLukas Reschke2016-07-201-0/+40
| | | | Fixes https://github.com/nextcloud/server/issues/50
* Copy the regexes to the public interfaceJoas Schilling2016-07-181-1/+11
|
* Update license headersLukas Reschke2016-05-263-3/+4
|
* Make ownCloud work again in php 7.0.6Roeland Jago Douma2016-04-281-0/+3
| | | | See https://bugs.php.net/bug.php?id=72117
* Move \OC\AppFramework to PSR-4Roeland Jago Douma2016-04-223-0/+1042
* Also moved the autoloader setup a bit up since we need it in initpaths
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-02 02:54:00 +0000