summaryrefslogtreecommitdiffstats
path: root/lib/private/AppFramework
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #43182 from nextcloud/backport/42930/stable27Arthur Schiwon2024-01-301-5/+3
|\ | | | | [stable27] Fix: config param 'overwritecondaddr' not working
| * code style: ommited space, reverted [code review]Pavel Kryl2024-01-291-1/+1
| |
| * fixing bug #6914: Config Param 'overwritecondaddr' not workingPavel Kryl2024-01-291-6/+4
| | | | | | | | | | | | | | - just ignoring/removing extra parameter 'protocol' as suggested by blizzz Signed-off-by: Pavel Kryl <pavel@kryl.eu>
* | fix(Request): Catch exceptions in `isTrustedProxy`Ferdinand Thiessen2024-01-291-1/+8
|/ | | | | | | | | The function fails if the configured trusted proxies contain invalid characters and the underlying IpUtils will throw. But as it is used by `getRemoteAddress` which is used by logging / templating, thrown errors are not reported but silently fail with error 500. Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* Reverse X-Forwarded-For list to read the correct proxy remote addressJoas Schilling2023-11-161-2/+8
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix version number in ITimeFactory after it was delayedJoas Schilling2023-10-161-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fixed Drone testAlexander Piskun2023-10-091-1/+2
| | | | Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* added CORS skip if session was created by AppAPIAlexander Piskun2023-10-091-0/+4
| | | | Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* fix(middleware): Fix header injection for bruteforce middlewareJoas Schilling2023-08-231-5/+1
| | | | | | | Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons So shifting back to old standard practise for now Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat: Add a header which signals that the request was throttledJoas Schilling2023-08-231-4/+14
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Massive refactoring: Turn LanguageModel OCP API into TextProcessing APIMarcel Klehr2023-08-091-10/+10
| | | | | | Signed-off-by: Marcel Klehr <mklehr@gmx.net> (cherry picked from commit ffe27ce14ca74b509c8721c9fba7c759498fa471)
* LLM OCP API: Add to RegistrationContextMarcel Klehr2023-08-091-0/+21
| | | | | Signed-off-by: Marcel Klehr <mklehr@gmx.net> (cherry picked from commit 82d3b00ab1f5ed3206a986e4969778bff77ca560)
* fix(middleware): Also abort the request when reaching max delay in ↵Joas Schilling2023-05-151-22/+30
| | | | | | afterController Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add PHP \Attribute for remaining security annotationsJoas Schilling2023-04-254-27/+132
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(ratelimit): Add Attributes support to rate limit middlewareJoas Schilling2023-04-241-41/+77
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge branch 'master' into enh/type-iconfig-getter-callsCôme Chilliet2023-04-202-0/+25
|\ | | | | Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
| * Merge pull request #37674 from nextcloud/feature/speech-to-textJoas Schilling2023-04-191-0/+22
| |\ | | | | | | feat(SpeechToText): Add SpeechToText OCP provider API
| | * feat(SpeechToText): Add SpeechToText provider APIMarcel Klehr2023-04-111-0/+22
| | | | | | | | | | | | Signed-off-by: Marcel Klehr <mklehr@gmx.net>
| * | fix(security)!: Use consistent HTTP status for strict cookie checksChristoph Wurst2023-04-171-0/+3
| |/ | | | | | | | | | | | | Before: 503/412 Now: 412 + json body explaining the error Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* / Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-051-7/+7
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Add a debug message when throttling without definingJoas Schilling2023-03-082-11/+11
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(middleware): Migrate BruteForceProtection annotation to PHP Attribute ↵Joas Schilling2023-03-081-5/+43
| | | | | | and allow multiple Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(appframework): ⌚ Make ITimeFactory extend \PSR\Clock\ClockInterfaceJoas Schilling2023-03-031-1/+25
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(translations): Add translation provider APIJulius Härtl2023-02-271-0/+25
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #36396 from nextcloud/fix/corsJulius Härtl2023-02-171-1/+1
|\
| * fix(CORS): CORS should only be bypassed on `PublicPage` if not logged in to ↵Ferdinand Thiessen2023-02-161-1/+1
| | | | | | | | | | | | prevent CSRF attack vectors Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
* | Merge pull request #36656 from nextcloud/route-instrumentationJulius Härtl2023-02-141-5/+17
|\ \
| * | more routing performance instrumentationRobin Appelman2023-02-101-5/+17
| |/ | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #36525 from nextcloud/fix/noid/params-putJulius Härtl2023-02-131-6/+12
|\ \ | | | | | | fix: Only get params from PUT content if possible
| * | fix: Only get params from PUT content if possibleJulius Härtl2023-02-031-6/+12
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | instrumentation for app bootingRobin Appelman2023-02-091-8/+8
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | | add more performance instrumentation for app registeringRobin Appelman2023-02-091-2/+14
| |/ |/| | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | fix: Throw `NotFoundExceptionInterface` to fulfill PSR container interface ↵Ferdinand Thiessen2023-02-062-2/+44
|/ | | | | | if class not found Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
* Pluggable share providerLouis Chemineau2023-02-021-0/+22
| | | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu> Signed-off-by: Louis Chemineau <louis@chmn.me>
* feat(app-framework): Add UseSession attribute to replace annotationChristoph Wurst2023-01-271-4/+30
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* feat(app-framework): Add support for global middlewaresChristoph Wurst2023-01-263-7/+54
| | | | | | | This allows apps to register middlewares that always register, not just for the app's own requests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* perf(app-framework): Make the app middleware registration lazyChristoph Wurst2023-01-253-23/+14
| | | | | | | | | Before this patch, app middlewares were registered on the dispatcher for every app loaded in a Nextcloud process. With the patch, only middlewares belonging to the same app of a dispatcher instance are loaded. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* composer run cs:fixCôme Chilliet2023-01-2029-38/+7
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix types in OCS json answer (status code is an int)Côme Chilliet2023-01-203-5/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix crash in OCS when getting info about an applicationCôme Chilliet2023-01-201-8/+11
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Attempt at reducing psalm errorsCôme Chilliet2023-01-201-5/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* feat(app framework)!: Inject services into controller methodsChristoph Wurst2023-01-182-2/+10
| | | | | | | | | | | | | | | Usually Nextcloud DI goes through constructor injection. This has the implication that each instance of a class builds the full DI tree. That is the injected services, their services, etc. Occasionally there is a service that is only needed for one controller method. Then the DI tree is build regardless if used or not. If services are injected into the method, we only build the DI tree if that method gets executed. This is also how Laravel allows injection. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #34172 from audriga/add-scim-json-supportJoas Schilling2022-12-201-2/+3
|\ | | | | Add support for application/scim+json
| * Merge branch 'master' into add-scim-json-supportStanimir Bozhilov2022-12-196-16/+63
| |\ | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir.bozhilov.1998@gmail.com>
| * | Move JSON content type regex to IRequest and make it a constStanimir Bozhilov2022-12-081-4/+1
| | |
| * | Fix the JSON content type regex to match all MIME typesStanimir Bozhilov2022-09-261-1/+1
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Type hint JSON content type regex and use preg_match lessStanimir Bozhilov2022-09-221-4/+4
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Use regex for all JSON-related content typesStanimir Bozhilov2022-09-211-6/+7
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Treat application/json and application/scim+json in same if-blockStanimir Bozhilov2022-09-211-11/+3
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Add support for application/scim+json content typeStanimir Bozhilov2022-09-201-0/+11
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 16:17:20 +0000