summaryrefslogtreecommitdiffstats
path: root/lib/private/Security
Commit message (Expand)AuthorAgeFilesLines
* Fix the thorrtler whitelist bitmaskRoeland Jago Douma2019-02-121-2/+4
* Throw exception if decryption failsRoeland Jago Douma2018-11-141-4/+10
* Merge pull request #11914 from nextcloud/csp/report-uriMorris Jobke2018-10-231-0/+8
|\
| * Add report-uri to CSPRoeland Jago Douma2018-10-211-0/+8
* | Add nonce for Safari 12+Roeland Jago Douma2018-10-211-0/+2
|/
* Deprecate the childSrc functionsRoeland Jago Douma2018-09-041-0/+2
* Add workerSrc to CSPRoeland Jago Douma2018-09-041-0/+8
* Fix #9864: Decrease $maxDelay in Throttler.phpMark Berezovsky2018-06-151-1/+1
* Add ARGON2I support to the hasherRoeland Jago Douma2018-04-041-9/+36
* Make \OC\Security\IdentityProof strictRoeland Jago Douma2018-03-053-10/+13
* Merge pull request #8659 from nextcloud/csrf_token_strictRoeland Jago Douma2018-03-054-13/+17
|\
| * Make \OC\Security\CSRF strictRoeland Jago Douma2018-03-054-13/+17
* | Make OC\Security\CSP strictRoeland Jago Douma2018-03-053-30/+33
|/
* Return value immediately instead of assigning to a one-time variableMorris Jobke2018-01-261-3/+1
* Make OCP\Security stricterRoeland Jago Douma2018-01-162-11/+13
* Merge pull request #7850 from nextcloud/strict_ipaddressMorris Jobke2018-01-141-8/+8
|\
| * Make IPAddress typed and strictRoeland Jago Douma2018-01-141-8/+8
* | Merge pull request #7852 from nextcloud/strict_ratelimitingMorris Jobke2018-01-144-30/+39
|\ \
| * | Make OC\Security\RateLimiting strictRoeland Jago Douma2018-01-144-30/+39
| |/
* | Fix testsRoeland Jago Douma2018-01-141-2/+1
* | Strict ISecure randomRoeland Jago Douma2018-01-131-3/+5
|/
* Adds type hinting for scalar types in ICrypto->decryptMorris Jobke2018-01-131-1/+1
* Also replace all other occurencesMorris Jobke2017-12-181-1/+1
* Reset bruteforce attempt table on successful loginMorris Jobke2017-11-241-0/+27
* Update license headersMorris Jobke2017-11-0617-0/+34
* Add CSP frame-ancestors supportThomas Citharel2017-09-151-0/+14
* add prefix to user and system keys to avoid name collisionsBjoern Schiessle2017-08-101-2/+3
* extend the identity proof manager to allow system wide key pairsBjoern Schiessle2017-08-101-11/+44
* null is a valid parameterLukas Reschke2017-08-011-2/+2
* Replace wrong PHPDocsLukas Reschke2017-08-011-1/+1
* More phpstorm inspection fixesRoeland Jago Douma2017-07-243-6/+6
* Add Phan plugin to check for SQL injectionsLukas Reschke2017-07-201-0/+1
* Add bruteforce capabilitiesRoeland Jago Douma2017-07-131-0/+52
* Write cert bundle to tmp file firstRoeland Jago Douma2017-07-121-3/+16
* Automatic creation of Identity managerJoas Schilling2017-05-101-3/+4
* Do not write and read rootcerts.crt at the same timeRoeland Jago Douma2017-05-091-2/+3
* Mark IP as whitelisted if brute force protection is disabledLukas Reschke2017-05-011-0/+4
* Remove unused use statementsMorris Jobke2017-04-222-3/+0
* Remove expired attemptsLukas Reschke2017-04-132-12/+32
* Add support for ratelimiting via annotationsLukas Reschke2017-04-136-65/+400
* Respect bruteforce settings in the ThrottlerRoeland Jago Douma2017-04-021-0/+65
* introduce brute force protection for api callsBjoern Schiessle2017-01-181-3/+10
* dont write a certificate bundle if the shipped ca bundle is emptyRobin Appelman2017-01-091-3/+17
* Safari CSPv3 support is sub-parLukas Reschke2016-12-141-2/+0
* Add Identityproof testsRoeland Jago Douma2016-11-241-23/+4
* Add a signer class for signingLukas Reschke2016-11-212-9/+148
* Add identity proofLukas Reschke2016-11-211-8/+7
* Add privateLukas Reschke2016-11-212-0/+136
* Fix missing update of session, when it was already used.Joas Schilling2016-11-021-0/+7
* Fix CSRF token generation / validationLeon Klingele2016-11-021-3/+3