summaryrefslogtreecommitdiffstats
path: root/lib/private/Security
Commit message (Expand)AuthorAgeFilesLines
* log failures to read certificates during listingRobin Appelman2023-07-101-1/+7
* Merge pull request #35092 from Messj1/bugfix/type-error-cert-manager-cache-pathJohn Molakvoæ2023-05-041-5/+12
|\
| * [BUGFIX] throw exception instead of error if unable to create file handler (o...Jan Messer2023-04-061-0/+4
| * [BUGFIX] check return value and improve error handlingJan Messer2023-04-061-5/+8
* | Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-056-10/+10
|/
* Merge pull request #36836 from nextcloud/fix/view-type-cleanupCôme Chilliet2023-04-051-20/+10
|\
| * Fix return type of methods returning false on errorCôme Chilliet2023-04-031-20/+10
* | feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CIJoas Schilling2023-04-032-12/+29
|/
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
* Add remote host validation APIChristoph Wurst2022-10-311-0/+76
* Add rate limiting on lost password emailsCôme Chilliet2022-10-181-3/+3
* Merge pull request #31499 from nextcloud/bugfix/empty-secretCarl Schwan2022-10-173-4/+31
|\
| * Mark method as deprecatedCarl Schwan2022-09-131-1/+0
| * Fix decryption fallback after adding a secretJulius Härtl2022-03-101-5/+10
| * Add fallback routines for empty secret casesJulius Härtl2022-03-103-2/+25
* | Port existing server code to new interfaceCarl Schwan2022-08-081-19/+12
* | Add a public interface for the bruteforce throttler and register for injectionJoas Schilling2022-07-281-5/+3
* | Fix typos in lib/private subdirectoryluz paz2022-07-271-1/+1
* | Only ignore attempts of the same actionJoas Schilling2022-07-071-4/+4
* | Fix detection of firefox in ContentSecurityPolicyNonceManagerCarl Schwan2022-06-291-4/+2
* | Validate requested length is random string generatorVincent Petry2022-05-121-1/+6
* | Merge pull request #32113 from nextcloud/bugfix/noid/fix-csp-merging-boolsVincent Petry2022-05-052-1/+13
|\ \
| * | Add CSP policy merge priority for booleansVincent Petry2022-04-012-1/+13
* | | Don't inject Bruteforce capability info in the webuiCarl Schwan2022-04-071-1/+2
|/ /
* | Migrate from ILogger to LoggerInterface in lib/privateCôme Chilliet2022-03-243-27/+11
* | cache the path of the certificate bundleRobin Appelman2022-03-171-7/+15
* | return default bundle when there is an error getting the bundleRobin Appelman2022-03-141-7/+11
* | Allow to set a strict-dynamic CSP through the APIJulius Härtl2022-03-091-0/+7
|/
* Use the new option to signaling insensitivityJoas Schilling2022-02-071-0/+2
* Make the DB query simpler (as we just deleted all other entries)Joas Schilling2022-01-281-3/+0
* Log bruteforce throttle and blockingJoas Schilling2022-01-181-0/+11
* Check style updateCarl Schwan2022-01-131-1/+1
* Don't query the bruteforce attempts when we just deleted themJoas Schilling2021-12-011-2/+6
* Type hint in IpAddress Vincent Petry2021-11-221-3/+2
* Improve normalizer detecting IPv4 inside of IPv6Vincent Petry2021-11-221-2/+42
* Fix getting subnet of ipv4 mapped ipv6 addressesVincent Petry2021-11-221-0/+2
* Add an OCP for trusted domain helperJoas Schilling2021-10-281-13/+19
* Set associative = true for cleanup jobDaniel Kesselberg2021-10-071-1/+1
* Merge pull request #28728 from nextcloud/add-database-backend-limiterLukas Reschke2021-09-134-24/+138
|\
| * Implement review feedbackLukas Reschke2021-09-131-3/+3
| * Apply suggestions from code review Lukas Reschke2021-09-131-7/+5
| * Implement PR review feedbackLukas Reschke2021-09-072-6/+1
| * phpcsLukas Reschke2021-09-061-1/+0
| * Adjust logic to store period instead of current timestampLukas Reschke2021-09-064-44/+30
| * Add database ratelimiting backendLukas Reschke2021-09-061-0/+136
* | Confirm mails only per POSTArthur Schiwon2021-09-091-0/+4
* | add a job to clean up expired verification tokensArthur Schiwon2021-09-092-4/+108
* | move verification token logic out of lost password controllerArthur Schiwon2021-09-091-0/+111
|/
* Throw exception if encrypting the data failed.Daniel Kesselberg2021-07-051-6/+16
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-0427-44/+20