| Commit message (Collapse) | Author | Age | Files | Lines |
While BREACH requires the following three factors to be effectively exploitable, we should add another mitigation:
1. Application must support HTTP compression
2. Response must reflect user-controlled input
3. Response should contain sensitive data
Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.
To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
Store storage availability in database
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.
Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
- less static calls
- use params on sql queries
- handle sql exception on database and user creation gracefully
Add getUserFolder to IRootFolder
* untangle DI of user specific folders
* allows to autodetect the dependency
Move away from private static function OC_Util::getUrlContent
It is just a wrapper and the other functions are deprecated already
Allow change update channel via public API
wait with copying the skeleton until login and setupfs are done
* Changed "instead to" to "instead of".
* Changed "setup" to "set up" (past participle).
From https://github.com/owncloud/core/issues/16287:
> This is caused by XCache at https://github.com/owncloud/core/blob/8e59d4c64b48ed7daeebb714e11213f7a22b5740/lib/private/util.php#L1276 where we are trying to reset the opcode cache with `XC_TYPE_PHP`.
> I suspect that while XCache is installed its opcode component is not used. Unfortunately, the XCache API is not really properly documented and thus I don't know what API we would have to call to check whether the `XC_TYPE_PHP` cache is populated. In fact, there is an [open XCache bug](http://xcache.lighttpd.net/ticket/176) since 7 years that discusses this problem and is likely to never get fixed since XCache is abandonware.
Fixes https://github.com/owncloud/core/issues/16287
Fixes https://github.com/owncloud/core/issues/14670
This is caught in index.php as older PHP versions will never execute the code path until there due to 5.4 syntax changes.
This removes the hard-dependency on output buffering as requested at https://github.com/owncloud/core/issues/16013 since a lot of distributions such as Debian and Ubuntu decided to use `4096` instead of the PHP recommended and documented default value of `off`.
However, we still should encourage disabling this setting for improved performance and reliability thus the setting switches in `.user.ini` and `.htaccess` are remaining there. It is very likely that we in other cases also should disable the output buffering but aren't doing it everywhere and thus causing memory problems.
Fixes https://github.com/owncloud/core/issues/16013
Will prevent users from using ownCloud on Windows Server :see_no_evil:
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.
Fixes https://github.com/owncloud/core/issues/14956
pass mountpoint to storage wrapper callback
check is now handled by storage backends
It is required by other functionalities such as S2S anyways and ownCloud will fail hard at a lot of places without it.
command line as well
adding storage specific filename verification
Ref https://github.com/owncloud/core/issues/10837#issuecomment-76516839
Maybe it helps in the future so we won't forget it again :see_no_evil:
Revert "Updating license headers"
This reverts commit 6a1a4880f0d556fb090f19a5019fec31916f5c36.
Move UTF-8 check to setup
Nobody reads the warnings anyways and so we should enforce it at installation time... Also allows us to get rid of some duplicated code.
To test, change the `default_charset` to something other than `utf-8` or `UTF-8`; both should work fine with that change here. An error should then get shown.
We already set those default charsets in the shipped .user.ini and .htaccess
Function is not used anymore anywhere in the code base: https://github.com/search?q=user%3Aowncloud+secureRNGAvailable&type=Code&utf8=%E2%9C%93
Better caching for enabled apps