aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Http
Commit message (Collapse)AuthorAgeFilesLines
* chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-232-9/+9
| | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* test: add tests for dns pin middlewareDaniel Kesselberg2023-09-121-2/+9
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* enh: skip processing for empty responseDaniel Kesselberg2023-09-041-0/+4
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat: add switch to disable dns pinningDaniel Kesselberg2023-08-291-2/+4
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat(HTTPClient): Provide wrapped access to Guzzle's asyncRequest()Joas Schilling2023-06-273-8/+365
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* log performance events for http requestsRobin Appelman2023-04-281-4/+17
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-051-5/+5
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix DNS Pin Middleware throwing for public IPsChristoph Wurst2022-11-081-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add remote host validation APIChristoph Wurst2022-10-314-117/+27
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Rename LocalAddressChecker methods to lower caseChristoph Wurst2022-10-273-5/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Revert "fix external storages access"Simon L2022-10-231-1/+3
| | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* Merge pull request #33087 from nextcloud/fix/30282/external-storagesJohn Molakvoæ2022-10-231-3/+1
|\ | | | | fix external storages access
| * fix external storages accessszaimen2022-07-011-3/+1
| | | | | | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* | Fix tests for nested v4 in v6Côme Chilliet2022-09-201-14/+6
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Use new dependency to normalize IPsCôme Chilliet2022-09-201-0/+13
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Add missing urldecode and idn_to_utf8 calls to local address checkerCôme Chilliet2022-09-202-2/+2
| | | | | | | | | | | | The call to idn_to_utf8 call is actually to apply normalization Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Fix typos in lib/private subdirectoryluz paz2022-07-271-1/+1
| | | | | | | | | | | | Found via `codespell -q 3 -S l10n -L jus ./lib/private` Signed-off-by: luz paz <luzpaz@github.com>
* | Use Symfony IpUtils to check for local IP rangesCôme Chilliet2022-07-121-3/+7
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Check for local IPs nested in IPv6 as wellCôme Chilliet2022-07-121-1/+3
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Refactor local IP if and set strict to true for in_arrayCôme Chilliet2022-07-121-6/+6
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Improve local IP detectionCôme Chilliet2022-07-121-0/+6
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Improve local domain detectionCôme Chilliet2022-06-231-2/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Migrate from ILogger to LoggerInterface in lib/privateCôme Chilliet2022-03-243-15/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Send images to imaginary docker to generate previewsVincent Petry2022-03-171-1/+2
| | | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu> Co-Authored-by: Vincent Petry <vincent@nextcloud.com>
* Check for !== false instead Lukas Reschke2021-07-121-1/+1
| | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Check if dns_get_record returns non-falseLukas Reschke2021-07-121-1/+1
| | | | | | | `dns_get_record` can return false which results in exceptions such as the ones shown in https://github.com/nextcloud/server/issues/27870. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fixes recursion count incrementationSanpi2021-07-071-1/+1
| | | | Signed-off-by: Sanpi <sanpi@homecomputing.fr>
* Merge pull request #27801 from nextcloud/enh/noid/hardening-dns-pin-middlewarekesselb2021-07-061-13/+28
|\ | | | | Ignore subdomain for soa queries
| * Ignore subdomain for soa queriesDaniel Kesselberg2021-07-051-13/+28
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Fix DnsPinMiddleware resolve pinning bugAaron Ball2021-07-021-5/+12
|/ | | | | | | | | | | | | | | | | | | | | | | | | | Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an array of strings, those strings containing a comma delimited list of resolved IPs for each host:port combination. The original code here does create that array with the host:port:ip combination, but multiple ips for a single host:port result in additional array entries, rather than adding them to the end of the string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array entries should match the syntax `host:port:address[,address]`. This creates a function-scoped associative array which uses `host:port` as the key (which are supposed to be unique and this ensures that), and the value is an array containing IP strings (ipv4 or ipv6). Once the associative array is populated, it is then set to the CURLOPT_RESOLVE array, imploding the ip arrays using a comma delimiter so the array syntax matches the expected by libcurl. Note that this reorders the "foreach ip" and "foreach port" loops. Rather than looping over ips then ports, we now loop over ports then ips, since ports are part of the unique host:port map, and multiple ips can exist therein. Signed-off-by: Aaron Ball <nullspoon@oper.io>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-048-13/+7
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* ensure redis returns bool for hasKeyArthur Schiwon2021-04-131-1/+1
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Strictify null checkLukas Reschke2021-04-061-2/+3
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Improve networking checksLukas Reschke2021-04-065-42/+316
| | | | | | Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Type the service registrationChristoph Wurst2021-02-101-2/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use RFC-compliant URL encoding for cookiesMarco Ziech2021-01-241-1/+1
| | | | | | | PHP 7.4.2 changed the way how cookies are decoded, applying RFC-compliant raw URL decoding. This leads to a conflict Nextcloud's own cookie encoding, breaking the remember-me function if the UID contains a space character. Fixes #24438 Signed-off-by: Marco Ziech <marco@ziech.net>
* Fix option in the client code itself as wellRoeland Jago Douma2021-01-121-6/+12
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update license headersChristoph Wurst2020-12-301-3/+4
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #24702 from nextcloud/enhancement/well-known-handler-apiChristoph Wurst2020-12-181-0/+124
|\ | | | | Add well known handlers API
| * Add well known handlers APIChristoph Wurst2020-12-161-0/+124
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Update all license headers for Nextcloud 21Christoph Wurst2020-12-161-0/+1
|/ | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Simple typo in commentsCarlos Ferreira2020-11-201-2/+2
|
* Always return the default path if we canRoeland Jago Douma2020-11-031-4/+0
| | | | | | | | Just check in the certifcate manager. So every part of the system that request the certificatebundle gets the defaullt one (the 99% case) if we can. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update the license headers for Nextcloud 20Christoph Wurst2020-08-241-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* parse_url returns null in case a parameter is not foundJoas Schilling2020-07-291-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Do not read certificate bundle from data dir by defaultMorris Jobke2020-05-251-7/+7
| | | | | | | | | | | Before the resources/config/ca-bundle.crt was only used when the list of custom certificates was empty and the instance was not installed. But it should also be used when the list is empty and the instance is installed. This is inverting the logic to stop if the instance is not installed to use the default bundle. And it also does this when the list is empty. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Allow gzip encoded requests by defaultMorris Jobke2020-05-201-0/+4
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update license headers for 19Christoph Wurst2020-04-293-1/+4
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Check all remotes for local accessJoas Schilling2020-04-142-10/+66
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-14 07:34:35 +0000