aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Security
Commit message (Collapse)AuthorAgeFilesLines
* fix(BackgroundJobs): Adjust intervals and time sensitivitiesprovokateurin2024-10-081-3/+2
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* fix: gracefully parse non-standard trusted certificatesfix/gracefully-parse-trusted-certificatesRichard Steinmetz2024-09-241-0/+10
| | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* chore(deps): Update nextcloud/coding-standard to v1.3.1provokateurin2024-09-197-17/+17
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* refactor: Replace __CLASS__ with ::class referencesrefactor/self-class-referenceChristoph Wurst2024-09-152-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* chore: adjust code to adhere to coding standardAnna Larch2024-09-051-1/+1
| | | | Signed-off-by: Anna Larch <anna@nextcloud.com>
* style: update codestyle for coding-standard 1.2.3Daniel Kesselberg2024-08-255-6/+6
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat: Provide CSP nonce as `<meta>` elementFerdinand Thiessen2024-08-131-1/+2
| | | | | | | | This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Make sure CSP nonce is not double base64 encodedFerdinand Thiessen2024-08-131-1/+4
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidatorStephan Orbaugh2024-07-221-14/+15
|\ | | | | refactor: Migrate some legacy and core functions to `IFilenameValidator`
| * refactor: Migrate some legacy and core functions to `IFilenameValidator`Ferdinand Thiessen2024-07-191-14/+15
| | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | feat(Security): add Factory for IP addresses and rangesBenjamin Gaussorgues2024-07-191-0/+23
| | | | | | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* | feat(security): Add public API to allow validating IP Ranges and checking ↵Joas Schilling2024-07-194-64/+158
| | | | | | | | | | | | | | for "in range" Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* | feat(security): restrict admin actions to IP rangesBenjamin Gaussorgues2024-07-191-0/+64
|/ | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* chore: More explicit splitHash typingChristopher Ng2024-07-041-1/+1
| | | | Signed-off-by: Christopher Ng <chrng8@gmail.com>
* feat: Add method to validate an IHasher hashChristopher Ng2024-07-041-0/+14
| | | | Signed-off-by: Christopher Ng <chrng8@gmail.com>
* fix: don't use custom certificate bundle if no customer certificates are ↵Robin Appelman2024-06-141-9/+9
| | | | | | configured Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge branch 'master' into refactor/OC-Server-getSecureRandomJohn Molakvoæ2024-05-3034-1159/+245
|\ | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * chore: Add SPDX headerAndy Scherzinger2024-05-2434-734/+82
| | | | | | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
| * fix: Correctly check result of functionJoas Schilling2024-05-151-2/+2
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * fix(CSP): Add CSP nonce by default and convert `browserSupportsCspV3` to ↵Ferdinand Thiessen2024-03-261-8/+5
| | | | | | | | | | | | blocklist Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * Refactor `OC\Server::getHasher`Andrew Summers2024-03-151-2/+2
| | | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
| * fix: Add edge as supported user agent for CSPv3 noncesJulius Härtl2024-03-081-0/+1
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
| * fix(security): Handle idn_to_utf8 returning falseJoas Schilling2023-12-041-0/+4
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-233-5/+5
| | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
| * feat(ContentSecurityPolicy): Allow to set `strict-dynamic` on ↵Ferdinand Thiessen2023-11-171-0/+8
| | | | | | | | | | | | | | | | | | `script-src-elem` only This adds the possibility to set `strict-dynamic` on `script-src-elem` only while keep the default rules for `script-src`. The idea is to allow loading module js which imports other files and thus does not allow nonces on import but on the initial script tag. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * Simplify IP address normalizer with IP masksBenjamin Gaussorgues2023-11-081-54/+15
| | | | | | | | | | | | Remove dead code Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
| * Refactors lib/private/Security.Faraz Samapoor2023-09-2710-201/+65
| | | | | | | | | | | | Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>
| * Merge pull request #39013 from fsamapoor/refactor_lib_private_security_part3Robin Appelman2023-09-229-152/+53
| |\ | | | | | | [3/3] Refactors lib/private/Security
| | * Update lib/private/Security/Certificate.phpFaraz Samapoor2023-09-211-1/+0
| | | | | | | | | | | | Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
| | * Updates the typed properties.Faraz Samapoor2023-09-211-4/+4
| | | | | | | | | | | | | | | | | | | | | Based on: https://github.com/nextcloud/server/pull/39013#discussion_r1242340826 Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Faraz Samapoor <fsa@adlas.at>
| | * Refactors lib/private/Security.Faraz Samapoor2023-09-219-151/+53
| | | | | | | | | | | | | | | | | | Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>
| * | feat(appframework): Expose programmatic rate limiterChristoph Wurst2023-09-202-2/+4
| |/ | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* / Refactor `OC\Server::getSecureRandom`Andrew Summers2023-08-291-1/+1
|/ | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
* fix: Make bypass function public APIJoas Schilling2023-08-212-7/+8
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat: Expose if the own IP is allowed to bypass bruteforce protectionJoas Schilling2023-08-212-22/+12
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add a "testing mode" for bruteforce protection that doesn't ↵Joas Schilling2023-08-211-2/+6
| | | | | | sleep Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add a bruteforce protection backend base on memcacheJoas Schilling2023-08-214-126/+430
| | | | | | Similar to the ratelimit backend Signed-off-by: Joas Schilling <coding@schilljs.com>
* Allow "wasm-unsafe-eval" in CSPDaniel Calviño Sánchez2023-08-101-0/+8
| | | | | | | | | | | | | | | | | | If a page has a Content Security Policy header and the `script-src` (or `default-src`) directive does not contain neither `wasm-unsafe-eval` nor `unsafe-eval` loading and executing WebAssembly is blocked in the page (although it is still possible to load and execute WebAssembly in a worker thread). Although the Nextcloud classes to manage the CSP already supported allowing `unsafe-eval` this affects not only WebAssembly, but also the `eval` operation in JavaScript. To make possible to allow WebAssembly execution without allowing JavaScript `eval` this commit adds support for allowing `wasm-unsafe-eval`. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Refactors lib/private/Security.Faraz Samapoor2023-06-269-180/+107
| | | | | | Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at>
* Merge pull request #38261 from fsamapoor/replace_strpos_calls_in_lib_privateRobin Appelman2023-06-013-4/+3
|\ | | | | Refactors "strpos" calls in lib/private to improve code readability.
| * Refactors "strpos" calls in lib/private to improve code readability.Faraz Samapoor2023-05-153-4/+3
| | | | | | | | Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>
* | log failures to read certificates during listingRobin Appelman2023-05-311-1/+7
|/ | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #35092 from Messj1/bugfix/type-error-cert-manager-cache-pathJohn Molakvoæ2023-05-041-5/+12
|\
| * [BUGFIX] throw exception instead of error if unable to create file handler ↵Jan Messer2023-04-061-0/+4
| | | | | | | | | | | | (only exceptions are catch) Signed-off-by: Jan Messer <jan@mtec-studios.ch>
| * [BUGFIX] check return value and improve error handlingJan Messer2023-04-061-5/+8
| | | | | | | | | | | | | | With S3 primary storage there was a problem with getting the CA bundle from the storage without having the CA bundle for the connection which causes that the CertificateManager was throwing an Error. This commit improves the handling in CertificateManager and log unexpected behaviors. Signed-off-by: Jan Messer <jan@mtec-studios.ch>
* | Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-056-10/+10
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #36836 from nextcloud/fix/view-type-cleanupCôme Chilliet2023-04-051-20/+10
|\ | | | | Tidy up typing in OC\Files\View
| * Fix return type of methods returning false on errorCôme Chilliet2023-04-031-20/+10
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CIJoas Schilling2023-04-032-12/+29
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 21:22:30 +0000