aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/legacy
Commit message (Collapse)AuthorAgeFilesLines
* fix(Files): Handle getOwner() returning falsefix/storage/get-owner-falseprovokateurin2024-09-171-2/+1
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* chore: Replace DI alias with real classchore/remove-deprecated-aliasesFerdinand Thiessen2024-09-171-3/+4
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Do not try to set HTTP response code on already closed connectionCôme Chilliet2024-09-141-1/+2
| | | | | | | | | This avoids a PHP warning in the logs about trying to set the response code while the output already started. It’s useless to try to print an error page anyway in this situation because the connection was closed already. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Replace OC_App::getAllApps with a method in AppManagerCôme Chilliet2024-09-131-24/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_AppCôme Chilliet2024-09-131-2/+1
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Move OC_API into \OC\ApiHelper in standard namespaceCôme Chilliet2024-09-091-162/+0
| | | | | | It’s only used by ocs/v1.php Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Move \OC_Image to \OC\Image with the other internal classesCôme Chilliet2024-08-291-1174/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: gracefully handle unexpected exif orientation typesRichard Steinmetz2024-08-271-9/+15
| | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* style: update codestyle for coding-standard 1.2.3Daniel Kesselberg2024-08-259-51/+51
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat: Provide CSP nonce as `<meta>` elementFerdinand Thiessen2024-08-131-1/+8
| | | | | | | | This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix(SetupCheck): Properly check public access to data directoryFerdinand Thiessen2024-08-081-4/+4
| | | | | | | | | | | | | When checking for public (web) access to the data directory the status is not enough as you might have a webserver that forwards to e.g. a login page. So instead check that the content of the file matches. For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content to allow checking. ¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* Merge pull request #38364 from ↵John Molakvoæ2024-08-061-2/+49
|\ | | | | | | joshtrichards/jr-preview-libgd-webp-animation-bypass
| * fix(previews): Don't crash on animated WEBP imagesJosh Richards2024-05-301-2/+49
| | | | | | | | | | | | | | | | | | Fixes #30029 and #37263 libgd handles animated WEBP images poorly and generates a meaningless error message as a result. We were returning a 500 error for these preview requests (web) and a fatal error at the command-line (occ). Now we bypass libgd if the we detect an animated WEBP image (and simply don't generate the preview). No more 500 error. Should fix occ too. Signed-off-by: Josh Richards <josh.t.richards@gmail.com> Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* | refactor: Migrate some legacy and core functions to `IFilenameValidator`Ferdinand Thiessen2024-07-191-2/+10
| | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | Merge pull request #46342 from nextcloud/fix-getimagesizeJohn Molakvoæ2024-07-161-3/+3
|\ \
| * | fix(previews): Stop returning true when getimagesize() failsJosh Richards2024-07-151-3/+3
| | | | | | | | | | | | Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
* | | refactor: Remove deprecated `Util` function for filename validation to ↵Ferdinand Thiessen2024-07-161-29/+0
|/ / | | | | | | | | | | `FilenameValidator` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | docs: correct return type for findAppInDirectoriesDaniel Kesselberg2024-07-111-2/+4
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | fix(Token): add FILESYSTEM scope with SCOPE_SKIP_PASSWORD_VALIDATIONArthur Schiwon2024-06-241-1/+4
| | | | | | | | | | | | | | | | | | | | The scope design requires scopes to be either not specified, or specified explicitely. Therefore, when setting the skip-password-validation scope for user authentication from mechanisms like SAML, we also have to set the filesystem scope, otherwise they will lack access to the filesystem. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | chore: remove chunking-v1Robin Appelman2024-06-191-161/+0
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | perf: Avoid reusing previous migration stepsJulius Härtl2024-06-181-3/+5
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Merge pull request #43942 from nextcloud/fix/43612/avoid-pwd-confirm-ssoArthur Schiwon2024-06-071-0/+10
|\ \ | | | | | | fix(Session): avoid password confirmation on SSO
| * | refactor(Token): introduce scope constantsArthur Schiwon2024-06-051-1/+2
| | | | | | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
| * | fix(Session): avoid password confirmation on SSOArthur Schiwon2024-06-051-0/+9
| |/ | | | | | | | | | | | | | | | | | | | | SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Merge branch 'master' into refactor/OC-Server-getSecureRandomJohn Molakvoæ2024-05-301-4/+6
|\ \ | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * \ Merge branch 'master' into refactor/OC-Server-getL10NFactoryJohn Molakvoæ2024-05-301-2/+3
| |\ \ | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| | * | Merge branch 'master' into refactor/OC-Server-getHTTPClientServiceJohn Molakvoæ2024-05-3015-794/+263
| | |\| | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| | * | Refactor `OC\Server::getHTTPClientService`Andrew Summers2023-08-291-2/+3
| | | | | | | | | | | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
| * | | Merge branch 'master' into refactor/OC-Server-getL10NFactoryJohn Molakvoæ2024-05-3015-794/+263
| |\ \ \ | | | |/ | | |/| Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * | | Refactor `OC\Server::getL10NFactory`Andrew Summers2023-08-291-2/+3
| | |/ | |/| | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
* | | Merge branch 'master' into refactor/OC-Server-getSecureRandomJohn Molakvoæ2024-05-3015-794/+263
|\ \ \ | | |/ | |/| Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * | chore: Add SPDX headerAndy Scherzinger2024-05-2414-505/+55
| | | | | | | | | | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
| * | fix(tests): Adjust theming test for new splitted background and primary colorsFerdinand Thiessen2024-05-211-2/+2
| | | | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * | fix: cleanup theming app codeFerdinand Thiessen2024-05-211-0/+13
| | | | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * | fix: Move OC_EventSource to OC namespaceCôme Chilliet2024-05-161-134/+0
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | feat(exception-template): allow to link to specific documentation for how to ↵Simon L.2024-05-141-0/+2
| | | | | | | | | | | | | | | | | | retreive server log Signed-off-by: Simon L <szaimen@e.mail.de>
| * | fix(OC_Image): Set correct return type for exif_imagetype stubprovokateurin2024-05-061-1/+1
| | | | | | | | | | | | Signed-off-by: provokateurin <kate@provokateurin.de>
| * | fix: Fix small psalm errors in legacyCôme Chilliet2024-04-302-2/+2
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix: Drop workarounds for unsupported obsolete PHP versionsCôme Chilliet2024-04-221-2/+1
| | | | | | | | | | | | | | | | | | Also improved error handling in Installer.php to be type safe. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix: Migrate away from OC_App toward the IAppManagerCôme Chilliet2024-04-221-1/+1
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix: Fix typing issues related to resource migrationCôme Chilliet2024-04-091-47/+29
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix: Fix new psalm errors from updateCôme Chilliet2024-04-081-1/+1
| | | | | | | | | | | | | | | | | | | | | Not sure about the SimpleContainer modification, let’s see what CI says about that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix: Apply new coding standard to all filesCôme Chilliet2024-04-024-7/+7
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
| * | fix(preview): webp preview formatRichard Steinmetz2024-03-261-0/+26
| | | | | | | | | | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
| * | fix(logging): Restore the option to log with debug levelJoas Schilling2024-03-221-2/+2
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * | fix: Implement option to temporarily set the user sessionJulius Härtl2024-03-191-1/+2
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
| * | Merge pull request #40127 from ↵John Molakvoæ2024-03-152-2/+6
| |\ \ | | | | | | | | | | | | summersab/refactor/OC-Server-getTwoFactorAuthManager
| | * | Refactor `OC\Server::getTwoFactorAuthManager`Andrew Summers2024-03-152-2/+6
| | | | | | | | | | | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
| * | | Merge branch 'master' into refactor/OC-Server-getRootFolderJohn Molakvoæ2024-03-159-80/+102
| |\| | | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| | * | Merge pull request #43996 from nextcloud/feat/store-last-known-quota-usageCôme Chilliet2024-03-071-0/+5
| | |\ \ | | | | | | | | | | feat: Store last known quota usage for a user
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-22 03:52:24 +0000