aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Security
Commit message (Collapse)AuthorAgeFilesLines
* introduce brute force protection for api callsBjoern Schiessle2017-01-181-3/+10
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* dont write a certificate bundle if the shipped ca bundle is emptyRobin Appelman2017-01-091-3/+17
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Safari CSPv3 support is sub-parLukas Reschke2016-12-141-2/+0
| | | | | | | | With 10.0.1 CSPv3 is broken in Safari if it doesn't run from a local IP. Awesome. => Let's remove this for Safari and keep chrome and Firefox in the whitelist. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add Identityproof testsRoeland Jago Douma2016-11-241-23/+4
| | | | | | | | | * Add tests for Key * Add tests for Manager * Add tests for Signer * Removed URLGenerator from Signer Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add a signer class for signingLukas Reschke2016-11-212-9/+148
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add identity proofLukas Reschke2016-11-211-8/+7
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add privateLukas Reschke2016-11-212-0/+136
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix missing update of session, when it was already used.Joas Schilling2016-11-021-0/+7
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix CSRF token generation / validationLeon Klingele2016-11-021-3/+3
| | | | | | | Operate on raw bytes instead of base64-encoded strings. Issue was introduced in a977465 Signed-off-by: Leon Klingele <git@leonklingele.de>
* Identify Chromium as ChromeJoas Schilling2016-10-261-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Missing returns + autoloader fileLukas Reschke2016-10-251-0/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Move browserSupportsCspV3 to CSPNonceManagerRoeland Jago Douma2016-10-251-1/+28
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add ContentSecurityPolicyNonceManagerLukas Reschke2016-10-241-0/+54
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add support for CSP noncesLukas Reschke2016-10-242-4/+19
| | | | | | | | | | | | | | | | | CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce. At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.) IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO. Implementing this offers the following advantages: 1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist 2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file. If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/ Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* dont get bruteforce delay twiceRobin Appelman2016-08-291-1/+4
|
* Update with robinJoas Schilling2016-07-212-2/+2
|
* Fix othersJoas Schilling2016-07-2114-15/+32
|
* JSON encode the valuesLukas Reschke2016-07-201-1/+1
|
* Implement brute force protectionLukas Reschke2016-07-201-0/+230
| | | | | | | | | Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)
* add test for needsRebundling() checkBjoern Schiessle2016-07-111-1/+11
|
* always check the mtime of the system bundle and additionally the user ↵Bjoern Schiessle2016-07-081-1/+2
| | | | specific certificate bundle if a user is given
* Disallow certain malformed domain names even if they match the trusted ↵Johannes Ernst2016-07-061-3/+6
| | | | | | domain expression Stricter checking for valid domain names
* Trusted domain wildcard checking made shorter, supporting multiple *Johannes Ernst2016-07-061-32/+8
| | | | Added test cases
* Duh, no 'next' in PHP.Johannes Ernst2016-07-061-2/+2
| | | | Use === instead of == for extra paranoia.
* Allow wildcard * to be used in trusted domains, to support setups where no ↵Johannes Ernst2016-07-051-2/+30
| | | | reliable DNS entry is available (e.g. mDNS) or for simple-to-setup aliasing (e.g. *.example.com)
* Update license headersLukas Reschke2016-05-2612-13/+13
|
* [master] Ignore certificate file if it starts with file://Lukas Reschke2016-04-211-0/+7
|
* Move \OC\Security to PSR-4Roeland Jago Douma2016-04-1413-0/+1537
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 08:14:10 +0000