summaryrefslogtreecommitdiffstats
path: root/lib/private/AppFramework/Middleware/Security
Commit message (Expand)AuthorAgeFilesLines
* Don't perform CSRF check on OCS routes with Bearer authRoeland Jago Douma2018-02-081-2/+8
* Move passwordconfirmation to its own midlewareRoeland Jago Douma2018-01-022-28/+82
* disable password confirmation with SSOBjoern Schiessle2018-01-021-2/+16
* Update license headersMorris Jobke2017-11-066-2/+11
* Use proper DI for security middleware for app enabled checkMorris Jobke2017-10-241-2/+8
* Handle SameSiteCookie check for index.php in AppFramework MiddlewareRoeland Jago Douma2017-09-242-0/+144
* Remove explicit type hints for ControllerLukas Reschke2017-08-014-10/+10
* Merge pull request #5907 from nextcloud/add-metadata-to-throttle-callMorris Jobke2017-08-011-1/+1
|\
| * Add metadata to \OCP\AppFramework\Http\Response::throttleLukas Reschke2017-07-271-1/+1
* | Fix middleware implementations signaturesRoeland Jago Douma2017-07-314-10/+12
|/
* Check whether the $_SERVER['REQUEST_*'] vars exist before using themJoas Schilling2017-05-151-6/+5
* Remove unused use statementsMorris Jobke2017-04-221-1/+0
* Make BruteForceProtection annotation more cleverLukas Reschke2017-04-132-14/+84
* Move to dedicated MiddleWareLukas Reschke2017-04-132-35/+144
* Add support for ratelimiting via annotationsLukas Reschke2017-04-131-11/+36
* handle optional annotation parametersBjoern Schiessle2017-01-181-1/+1
* introduce brute force protection for api callsBjoern Schiessle2017-01-181-1/+13
* Allow to overwrite the message which we already do in SubadminMiddlewareJoas Schilling2016-12-081-2/+2
* Merge pull request #2066 from nextcloud/fix-redirect-double-encodingMorris Jobke2016-11-291-1/+1
|\
| * do not double encode the redirect urlChristoph Wurst2016-11-091-1/+1
* | Add the 15 seconds to the window, instead of removingJoas Schilling2016-11-181-1/+1
* | Introduce PasswordConfirmRequired annotationJoas Schilling2016-11-182-0/+51
|/
* Move browserSupportsCspV3 to CSPNonceManagerRoeland Jago Douma2016-10-251-19/+8
* Add support for CSP noncesLukas Reschke2016-10-241-1/+28
* Add trict CSP to OCS responsesRoeland Jago Douma2016-09-151-0/+5
* We should properly check for 'true' instaed of the boolRoeland Jago Douma2016-08-011-1/+1
* Dark hackery to not always disable CSRF for OCS controllersRoeland Jago Douma2016-07-291-2/+10
* Fix othersJoas Schilling2016-07-218-12/+22
* Merge pull request #479 from nextcloud/add-bruteforce-throttlerLukas Reschke2016-07-211-14/+11
|\
| * Implement brute force protectionLukas Reschke2016-07-201-14/+11
* | [master] Port Same-Site Cookies to masterLukas Reschke2016-07-202-1/+46
|/
* add PasswordLoginForbiddenExceptionChristoph Wurst2016-06-171-2/+7
* create session token on all APIsChristoph Wurst2016-06-131-1/+1
* use client login method on CORS routesChristoph Wurst2016-06-081-6/+6
* Update license headersLukas Reschke2016-05-267-7/+14
* Fix inconsistent nameing of AppFrameworkRoeland Jago Douma2016-04-225-12/+12
* Move \OC\AppFramework to PSR-4Roeland Jago Douma2016-04-227-0/+554
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 01:11:29 +0000