path: root/lib/private/AppFramework
Commit message [Author, Age, Files, Lines]
* chore: fix typo in `SameSiteCookieMiddleware` [Ferdinand Thiessen, 2024-08-31, files: 1, lines: -4/+4]
|     Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* chore: Remove unused `CsrfTokenManager` from `CSPMiddleware` [Ferdinand Thiessen, 2024-08-31, files: 2, lines: -17/+7]
|     Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* style: update codestyle for coding-standard 1.2.3 [Daniel Kesselberg, 2024-08-25, files: 10, lines: -34/+34]
|     Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* perf: delay getting (sub)admin status for user in the security middleware until we need it [Robin Appelman, 2024-08-23, files: 2, lines: -9/+31]
|     Signed-off-by: Robin Appelman <robin@icewind.nl>
* fix: Support Safari mobile [Ferdinand Thiessen, 2024-08-21, files: 1, lines: -0/+1]
|     Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Use `CSP_NONCE` env variable in ContentSecurity Header [Holger Hees, 2024-08-13, files: 1, lines: -1/+1]
|     We should use 'cspNonceManager' for requesting the NONCE value, because it is doing the same as before, except that it honors a CPS_NONCE environment variable if available.
|     Signed-off-by: Holger Hees <holger.hees@gmail.com>
* fix(files_sharing): show proper share not found error message [skjnldsv, 2024-08-06, files: 2, lines: -19/+13]
|     Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
* fix(AppFramework): Allow requests with OCS-APIRequest header to pass CSRF checks [provokateurin, 2024-07-25, files: 1, lines: -0/+4]
|     Signed-off-by: provokateurin <kate@provokateurin.de>
* feat: mail provider backend [SebastianKrupinski, 2024-07-23, files: 1, lines: -0/+24]
|     Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
* feat(security): Add public API to allow validating IP Ranges and checking for "in range" [Joas Schilling, 2024-07-19, files: 2, lines: -7/+7]
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
|     Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* feat(security): restrict admin actions to IP ranges [Benjamin Gaussorgues, 2024-07-19, files: 3, lines: -54/+56]
|     Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* chore: use "app_api" session key, "app_api_system" is deprecated [Andrey Borysenko, 2024-07-18, files: 1, lines: -2/+3]
|     Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
* feat: allow for ExApps to call Admin endpoints marked with specific attr [Alexander Piskun, 2024-07-18, files: 1, lines: -6/+15]
|     Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* feat(Security): Warn about using annotations instead of attributes [provokateurin, 2024-07-18, files: 4, lines: -2/+12]
|     Signed-off-by: provokateurin <kate@provokateurin.de>
* feat: Add new forbidden filename options to Capabilities [Ferdinand Thiessen, 2024-07-11, files: 1, lines: -1/+3]
|     Allow clients to access the new filename validation options and make frontend name validation possible.
|     Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
|     Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
|     Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* feat(AppFramework): Add ExAppRequired attribute [provokateurin, 2024-07-01, files: 2, lines: -1/+27]
|     Signed-off-by: provokateurin <kate@provokateurin.de>
* fix(logger): Fix scoped PSR logger when running psalm:ci [Joas Schilling, 2024-06-11, files: 1, lines: -9/+9]
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
* refactor(Token): introduce scope constants [Arthur Schiwon, 2024-06-05, files: 1, lines: -1/+2]
|     Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* fix(Session): avoid password confirmation on SSO [Arthur Schiwon, 2024-06-05, files: 2, lines: -3/+26]
|     SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends were used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated.
|     Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* chore: Add SPDX header [Andy Scherzinger, 2024-05-24, files: 59, lines: -1285/+148]
|     Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* fix: address review comments [Marcel Klehr, 2024-05-14, files: 1, lines: -2/+2]
|     Signed-off-by: Marcel Klehr <mklehr@gmx.net>
* feat: first pass at TaskProcessing API [Marcel Klehr, 2024-05-14, files: 1, lines: -0/+48]
|     Signed-off-by: Marcel Klehr <mklehr@gmx.net>
* fix: Fix newly spotted psalm issues, add exhaustive typed magic properties for LDAP classes [Côme Chilliet, 2024-04-30, files: 2, lines: -8/+8]
|     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Migrate away from OC_App toward the IAppManager [Côme Chilliet, 2024-04-22, files: 1, lines: -34/+12]
|     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #44644 from nextcloud/enh/noid/returns-formated-app-values [Ferdinand Thiessen, 2024-04-17, files: 1, lines: -1/+1]
|\
| |     fix(appconfig): format app values
| * fix(appconfig): only convert single entry on searchValues() [Maxence Lange, 2024-04-05, files: 1, lines: -1/+1]
| |     Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
* | fix: Fix new psalm errors from update [Côme Chilliet, 2024-04-08, files: 1, lines: -1/+1]
|/
|     Not sure about the SimpleContainer modification, let’s see what CI says about that.
|     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Apply new coding standard to all files [Côme Chilliet, 2024-04-02, files: 4, lines: -6/+6]
|     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: add check for app_api_system session flag to bypass rate limit [Florian Klinger, 2024-03-18, files: 2, lines: -1/+9]
|     Signed-off-by: Florian Klinger <florian.klinger@nextcloud.com>
|     Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
* Merge branch 'master' into refactor/OC-Server-getThemingDefaults [John Molakvoæ, 2024-03-15, files: 3, lines: -4/+58]
|\
| * fix: add missing copyrights and strict types [Andrey Borysenko, 2024-03-12, files: 1, lines: -0/+7]
| |     Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
| * feat: Add declarative settings [jld3103, 2024-03-12, files: 1, lines: -8/+21]
| |     Signed-off-by: jld3103 <jld3103yt@gmail.com>
| |     Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
| |     Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
| * fix: Adjust user agent pattern for Edge [Julius Härtl, 2024-03-08, files: 1, lines: -1/+1]
| |     Signed-off-by: Julius Härtl <jus@bitgrid.net>
| * feat: Implement team provider api [Julius Härtl, 2024-03-05, files: 1, lines: -0/+30]
| |     Signed-off-by: Julius Härtl <jus@bitgrid.net>
| * fix xml ocs response for serializable objects [Klaus, 2024-02-23, files: 1, lines: -0/+4]
| |     Signed-off-by: sualko <klaus@jsxc.org>
| |     Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
* | Merge branch 'master' into refactor/OC-Server-getThemingDefaults [John Molakvoæ, 2024-02-23, files: 28, lines: -156/+541]
|\|
| |     Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * fix(Routing): Only use lowercase names for registering and matching routes [provokateurin, 2024-02-21, files: 2, lines: -2/+14]
| |     Signed-off-by: provokateurin <kate@provokateurin.de>
| * Merge pull request #43552 from nextcloud/bugfix/noid/rfc7239-compatible-proxy-handling [Joas Schilling, 2024-02-15, files: 1, lines: -4/+9]
| |\
| | |     fix(request): Handle reverse proxy setting a port in Forwarded-For
| | * fix(CS): Fix coding style [Joas Schilling, 2024-02-14, files: 1, lines: -1/+1]
| | |     Signed-off-by: Joas Schilling <coding@schilljs.com>
| | * fix(request): Fix regex handling and coding-style [Joas Schilling, 2024-02-13, files: 1, lines: -5/+4]
| | |     Signed-off-by: Joas Schilling <coding@schilljs.com>
| | * fix(request): Handle reverse proxy setting a port in Forwarded-For [Mikael Peigney, 2024-02-13, files: 1, lines: -4/+10]
| | |     Signed-off-by: Mikael Peigney <Mika56@users.noreply.github.com>
| * | feat: rename users to account or person [Vincent Petry, 2024-02-13, files: 1, lines: -3/+3]
| |/
| |     Replace translated text in most locations
| |     Signed-off-by: Vincent Petry <vincent@nextcloud.com>
| * Add timezone getter to ITimeFactory [Anna Larch, 2024-02-13, files: 1, lines: -0/+7]
| |     Signed-off-by: Anna Larch <anna@nextcloud.com>
| * Fix typo in var [Git'Fellow, 2024-02-09, files: 1, lines: -1/+1]
| |     Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
| * chore: Add missing ArrayAccess template parameters [Côme Chilliet, 2024-02-06, files: 1, lines: -0/+1]
| |     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * adding test [Maxence Lange, 2024-01-31, files: 2, lines: -3/+3]
| |     Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
| * fix psalm [Maxence Lange, 2024-01-31, files: 2, lines: -5/+10]
| |     Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
| * sync with new OCP\IAppConfig [Maxence Lange, 2024-01-31, files: 1, lines: -13/+292]
| |     Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
| * Merge pull request #42794 from nextcloud/fix/invalid-trusted-proxies [Ferdinand Thiessen, 2024-01-29, files: 1, lines: -1/+8]
| |\
| | |     fix(Request): Catch exceptions in `isTrustedProxy`
| | * fix(Request): Catch exceptions in `isTrustedProxy` [Ferdinand Thiessen, 2024-01-27, files: 1, lines: -1/+8]
| | |     The function fails if the configured trusted proxies contain invalid characters and the underlying IpUtils will throw. But as it is used by `getRemoteAddress` which is used by logging / templating, thrown errors are not reported but silently fail with error 500.
| | |     Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
| | |     Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
| | |     Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>