aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/legacy
Commit message (Collapse)AuthorAgeFilesLines
* fix(util): Correctly create Reflection of method for PHP 8.3+Joas Schilling2024-11-081-1/+6
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix(OpenAPI): Adjust array syntax to avoid ambiguitiesfix/openapi/array-syntaxprovokateurin2024-11-051-1/+1
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* fix(appmanager): Fix tainted file path when loading appinfosbugfix/noid/fix-tainted-file-appinfoJoas Schilling2024-10-141-2/+3
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix(Auth): ignore missing token when trying to set password-unconfirmablefwdport/48445/masterArthur Schiwon2024-10-011-6/+14
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* chore: Drop unused legacy `OC_Files`Ferdinand Thiessen2024-09-281-428/+0
| | | | | | It is replaced with the Sabre `ZipFolderPlugin` and apps should use the `OCP\AppFramework\Http\StreamResponse`. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* chore(legacy): Introduce public version ct plass and drop version methods ↵clean/version-ocpJulius Knorr2024-09-202-86/+7
| | | | | | from OC_Util Signed-off-by: Julius Knorr <jus@bitgrid.net>
* chore: Add proper deprecation dates where missingFerdinand Thiessen2024-09-204-13/+13
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* chore: Remove old travis related stuffFerdinand Thiessen2024-09-191-2/+1
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* chore(deps): Update nextcloud/coding-standard to v1.3.1provokateurin2024-09-199-27/+27
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* refactor(OC_Template): Remove deprecated ILoggerFerdinand Thiessen2024-09-191-8/+9
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* refactor(OC_Files): Remove deprecated ILoggerFerdinand Thiessen2024-09-191-7/+9
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* refactor(OC_Util): Remove deprecated ILoggerFerdinand Thiessen2024-09-191-2/+2
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* refactor(OC_Hook): Remove deprecated ILoggerFerdinand Thiessen2024-09-191-1/+4
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* refactor(OC_App): Remove ILogger usageFerdinand Thiessen2024-09-191-13/+15
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Remove legacy settings formschore/remove-legacy-settings-forsFerdinand Thiessen2024-09-171-28/+4
| | | | | | | | `OC_App::getForms` was always returning an empty array, because there were no setter for `adminForms` or `personalForms` anymore. So removed all that legacy settings forms logic. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix(Files): Handle getOwner() returning falsefix/storage/get-owner-falseprovokateurin2024-09-171-2/+1
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* chore: Replace DI alias with real classchore/remove-deprecated-aliasesFerdinand Thiessen2024-09-171-3/+4
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Do not try to set HTTP response code on already closed connectionCôme Chilliet2024-09-141-1/+2
| | | | | | | | | This avoids a PHP warning in the logs about trying to set the response code while the output already started. It’s useless to try to print an error page anyway in this situation because the connection was closed already. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Replace OC_App::getAllApps with a method in AppManagerCôme Chilliet2024-09-131-24/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_AppCôme Chilliet2024-09-131-2/+1
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Move OC_API into \OC\ApiHelper in standard namespaceCôme Chilliet2024-09-091-162/+0
| | | | | | It’s only used by ocs/v1.php Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Move \OC_Image to \OC\Image with the other internal classesCôme Chilliet2024-08-291-1174/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: gracefully handle unexpected exif orientation typesRichard Steinmetz2024-08-271-9/+15
| | | | Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* style: update codestyle for coding-standard 1.2.3Daniel Kesselberg2024-08-259-51/+51
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat: Provide CSP nonce as `<meta>` elementFerdinand Thiessen2024-08-131-1/+8
| | | | | | | | This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix(SetupCheck): Properly check public access to data directoryFerdinand Thiessen2024-08-081-4/+4
| | | | | | | | | | | | | When checking for public (web) access to the data directory the status is not enough as you might have a webserver that forwards to e.g. a login page. So instead check that the content of the file matches. For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content to allow checking. ¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* Merge pull request #38364 from ↵John Molakvoæ2024-08-061-2/+49
|\ | | | | | | joshtrichards/jr-preview-libgd-webp-animation-bypass
| * fix(previews): Don't crash on animated WEBP imagesJosh Richards2024-05-301-2/+49
| | | | | | | | | | | | | | | | | | Fixes #30029 and #37263 libgd handles animated WEBP images poorly and generates a meaningless error message as a result. We were returning a 500 error for these preview requests (web) and a fatal error at the command-line (occ). Now we bypass libgd if the we detect an animated WEBP image (and simply don't generate the preview). No more 500 error. Should fix occ too. Signed-off-by: Josh Richards <josh.t.richards@gmail.com> Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* | refactor: Migrate some legacy and core functions to `IFilenameValidator`Ferdinand Thiessen2024-07-191-2/+10
| | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | Merge pull request #46342 from nextcloud/fix-getimagesizeJohn Molakvoæ2024-07-161-3/+3
|\ \
| * | fix(previews): Stop returning true when getimagesize() failsJosh Richards2024-07-151-3/+3
| | | | | | | | | | | | Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
* | | refactor: Remove deprecated `Util` function for filename validation to ↵Ferdinand Thiessen2024-07-161-29/+0
|/ / | | | | | | | | | | `FilenameValidator` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | docs: correct return type for findAppInDirectoriesDaniel Kesselberg2024-07-111-2/+4
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | fix(Token): add FILESYSTEM scope with SCOPE_SKIP_PASSWORD_VALIDATIONArthur Schiwon2024-06-241-1/+4
| | | | | | | | | | | | | | | | | | | | The scope design requires scopes to be either not specified, or specified explicitely. Therefore, when setting the skip-password-validation scope for user authentication from mechanisms like SAML, we also have to set the filesystem scope, otherwise they will lack access to the filesystem. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | chore: remove chunking-v1Robin Appelman2024-06-191-161/+0
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | perf: Avoid reusing previous migration stepsJulius Härtl2024-06-181-3/+5
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Merge pull request #43942 from nextcloud/fix/43612/avoid-pwd-confirm-ssoArthur Schiwon2024-06-071-0/+10
|\ \ | | | | | | fix(Session): avoid password confirmation on SSO
| * | refactor(Token): introduce scope constantsArthur Schiwon2024-06-051-1/+2
| | | | | | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
| * | fix(Session): avoid password confirmation on SSOArthur Schiwon2024-06-051-0/+9
| |/ | | | | | | | | | | | | | | | | | | | | SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Merge branch 'master' into refactor/OC-Server-getSecureRandomJohn Molakvoæ2024-05-301-4/+6
|\ \ | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * \ Merge branch 'master' into refactor/OC-Server-getL10NFactoryJohn Molakvoæ2024-05-301-2/+3
| |\ \ | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| | * | Merge branch 'master' into refactor/OC-Server-getHTTPClientServiceJohn Molakvoæ2024-05-3015-794/+263
| | |\| | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| | * | Refactor `OC\Server::getHTTPClientService`Andrew Summers2023-08-291-2/+3
| | | | | | | | | | | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
| * | | Merge branch 'master' into refactor/OC-Server-getL10NFactoryJohn Molakvoæ2024-05-3015-794/+263
| |\ \ \ | | | |/ | | |/| Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * | | Refactor `OC\Server::getL10NFactory`Andrew Summers2023-08-291-2/+3
| | |/ | |/| | | | | | | Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
* | | Merge branch 'master' into refactor/OC-Server-getSecureRandomJohn Molakvoæ2024-05-3015-794/+263
|\ \ \ | | |/ | |/| Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * | chore: Add SPDX headerAndy Scherzinger2024-05-2414-505/+55
| | | | | | | | | | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
| * | fix(tests): Adjust theming test for new splitted background and primary colorsFerdinand Thiessen2024-05-211-2/+2
| | | | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * | fix: cleanup theming app codeFerdinand Thiessen2024-05-211-0/+13
| | | | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
| * | fix: Move OC_EventSource to OC namespaceCôme Chilliet2024-05-161-134/+0
| | | | | | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-21 22:46:36 +0000