summaryrefslogtreecommitdiffstats
path: root/lib/private/Security
Commit message (Expand)AuthorAgeFilesLines
* Return value immediately instead of assigning to a one-time variableMorris Jobke2018-01-261-3/+1
* Make OCP\Security stricterRoeland Jago Douma2018-01-162-11/+13
* Merge pull request #7850 from nextcloud/strict_ipaddressMorris Jobke2018-01-141-8/+8
|\
| * Make IPAddress typed and strictRoeland Jago Douma2018-01-141-8/+8
* | Merge pull request #7852 from nextcloud/strict_ratelimitingMorris Jobke2018-01-144-30/+39
|\ \
| * | Make OC\Security\RateLimiting strictRoeland Jago Douma2018-01-144-30/+39
| |/
* | Fix testsRoeland Jago Douma2018-01-141-2/+1
* | Strict ISecure randomRoeland Jago Douma2018-01-131-3/+5
|/
* Adds type hinting for scalar types in ICrypto->decryptMorris Jobke2018-01-131-1/+1
* Also replace all other occurencesMorris Jobke2017-12-181-1/+1
* Reset bruteforce attempt table on successful loginMorris Jobke2017-11-241-0/+27
* Update license headersMorris Jobke2017-11-0617-0/+34
* Add CSP frame-ancestors supportThomas Citharel2017-09-151-0/+14
* add prefix to user and system keys to avoid name collisionsBjoern Schiessle2017-08-101-2/+3
* extend the identity proof manager to allow system wide key pairsBjoern Schiessle2017-08-101-11/+44
* null is a valid parameterLukas Reschke2017-08-011-2/+2
* Replace wrong PHPDocsLukas Reschke2017-08-011-1/+1
* More phpstorm inspection fixesRoeland Jago Douma2017-07-243-6/+6
* Add Phan plugin to check for SQL injectionsLukas Reschke2017-07-201-0/+1
* Add bruteforce capabilitiesRoeland Jago Douma2017-07-131-0/+52
* Write cert bundle to tmp file firstRoeland Jago Douma2017-07-121-3/+16
* Automatic creation of Identity managerJoas Schilling2017-05-101-3/+4
* Do not write and read rootcerts.crt at the same timeRoeland Jago Douma2017-05-091-2/+3
* Mark IP as whitelisted if brute force protection is disabledLukas Reschke2017-05-011-0/+4
* Remove unused use statementsMorris Jobke2017-04-222-3/+0
* Remove expired attemptsLukas Reschke2017-04-132-12/+32
* Add support for ratelimiting via annotationsLukas Reschke2017-04-136-65/+400
* Respect bruteforce settings in the ThrottlerRoeland Jago Douma2017-04-021-0/+65
* introduce brute force protection for api callsBjoern Schiessle2017-01-181-3/+10
* dont write a certificate bundle if the shipped ca bundle is emptyRobin Appelman2017-01-091-3/+17
* Safari CSPv3 support is sub-parLukas Reschke2016-12-141-2/+0
* Add Identityproof testsRoeland Jago Douma2016-11-241-23/+4
* Add a signer class for signingLukas Reschke2016-11-212-9/+148
* Add identity proofLukas Reschke2016-11-211-8/+7
* Add privateLukas Reschke2016-11-212-0/+136
* Fix missing update of session, when it was already used.Joas Schilling2016-11-021-0/+7
* Fix CSRF token generation / validationLeon Klingele2016-11-021-3/+3
* Identify Chromium as ChromeJoas Schilling2016-10-261-2/+2
* Missing returns + autoloader fileLukas Reschke2016-10-251-0/+1
* Move browserSupportsCspV3 to CSPNonceManagerRoeland Jago Douma2016-10-251-1/+28
* Add ContentSecurityPolicyNonceManagerLukas Reschke2016-10-241-0/+54
* Add support for CSP noncesLukas Reschke2016-10-242-4/+19
* dont get bruteforce delay twiceRobin Appelman2016-08-291-1/+4
* Update with robinJoas Schilling2016-07-212-2/+2
* Fix othersJoas Schilling2016-07-2114-15/+32
* JSON encode the valuesLukas Reschke2016-07-201-1/+1
* Implement brute force protectionLukas Reschke2016-07-201-0/+230
* add test for needsRebundling() checkBjoern Schiessle2016-07-111-1/+11
* always check the mtime of the system bundle and additionally the user specifi...Bjoern Schiessle2016-07-081-1/+2
* Disallow certain malformed domain names even if they match the trusted domain...Johannes Ernst2016-07-061-3/+6