summaryrefslogtreecommitdiffstats
path: root/lib/public/AppFramework/Http
Commit message (Collapse)AuthorAgeFilesLines
* Update license headers for 19Christoph Wurst2020-04-293-0/+3
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add visibility to all constantsChristoph Wurst2020-04-101-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-1017-50/+26
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-096-15/+15
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use exactly one empty line after the namespace declarationChristoph Wurst2020-04-095-5/+0
| | | | | | For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix (array) indent style to always use one tabChristoph Wurst2020-04-094-5/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update the license headers for Nextcloud 19Christoph Wurst2020-03-316-2/+7
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #20170 from nextcloud/techdebt/remove-unused-importsChristoph Wurst2020-03-272-2/+0
|\ | | | | Remove unused imports
| * Remove unused importsChristoph Wurst2020-03-252-2/+0
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Use the short array syntax, everywhereChristoph Wurst2020-03-265-9/+9
|/ | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* add docs for useJsNoncePavel Krasikov2020-03-151-0/+1
| | | | Signed-off-by: Pavel Krasikov <klonishe@gmail.com>
* Fix license headersChristoph Wurst2020-01-131-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Split the menu entry for external shares in twoDaniel Calviño Sánchez2019-12-301-5/+6
| | | | | | | | | | | | | | | | The external shares entry showed a "button" that, when pressed, replaced the button with the input to set the remote share address. The "button" was actually a label for the input, so when the label was focused it transferred the focus to the input and thus pressing enter or space did not show the input. Moreover, inputs inside links are not valid HTML, and once shown there was no way to hide the input again. Due to all this, and for consistency with the direct link input, the external share input was moved to a different menu item that is shown and hidden when the button, which nows is also a real button, is clicked. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Format HTML elementsDaniel Calviño Sánchez2019-12-301-8/+8
| | | | Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Update license headersChristoph Wurst2019-12-0529-61/+97
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Some php-cs fixesRoeland Jago Douma2019-11-2210-7/+8
| | | | | | | | | | | * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* set default CSP on NotFoundResponseRoeland Jago Douma2019-09-091-0/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add deprecation warningRoeland Jago Douma2019-08-291-0/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Do not enforce the parent constructor of response to be calledRoeland Jago Douma2019-08-191-10/+8
| | | | | | | If there is no policy set we just take the default empty ones. That way no obscure errors get thrown if the constructor is not called. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* frame-src doesn't respect the nonce attributeRoeland Jago Douma2019-08-161-3/+0
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add feature policy headerRoeland Jago Douma2019-08-104-0/+266
| | | | | | | This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add form-action CSP elementRoeland Jago Douma2019-07-312-0/+35
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* No need to have these classes we tighten the default CSP from time toRoeland Jago Douma2019-07-273-0/+3
| | | | | | time Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set empty CSP by defaultRoeland Jago Douma2019-04-1612-1/+34
| | | | | | | | | For #14179 By default responses should have the strictest (and simplest) CSP possible. Only template responses should require an actual CSP. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* CSP: set nonce for iframesRoeland Jago Douma2019-03-161-1/+5
| | | | | | | This for now uses the jsNonce. That way we can easily backport it. For 17 I will fix it properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Allow apps to redirect to the default appJoas Schilling2019-03-011-0/+40
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add StandaloneTemplateResponseRoeland Jago Douma2019-02-061-0/+37
| | | | | | | This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Emit to load additionalscriptsRoeland Jago Douma2019-01-311-0/+3
| | | | | | | | | | | | | Fixes #13662 This will fire of an event after a Template Response has been returned. There is an event for the generic loading and one when logged in. So apps can chose to load only on loged in pages. This is a more generic approach than the files app event. As some things we might want to load on other pages as well besides the files app. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set default frame-ancestors to 'self'Roeland Jago Douma2019-01-081-1/+3
| | | | | | For #13042 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* CSP: Allow fonts to be provided in dataRoeland Jago Douma2019-01-071-0/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Basic CSP no longer deprecatedRoeland Jago Douma2018-11-081-1/+0
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add report-uri to CSPRoeland Jago Douma2018-10-212-0/+23
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Disallow unsafe-eval by defaultRoeland Jago Douma2018-10-141-6/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add PHPDocMorris Jobke2018-10-021-4/+14
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* fixup! Add fix responseRoeland Jago Douma2018-10-021-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* fixup! Add fix responseRoeland Jago Douma2018-10-021-3/+5
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add fix responseJakob Sack2018-10-021-0/+75
| | | | implements #7589
* Deprecate the childSrc functionsRoeland Jago Douma2018-09-041-0/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add workerSrc to CSPRoeland Jago Douma2018-09-042-0/+34
| | | | | | | | | Fixes #11035 Since the child-src directive is deprecated (we should kill it at some point) we need to have the proper worker-src available Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Disallow eval on the StrictEvalCSPRoeland Jago Douma2018-07-111-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add stricter CSPsRoeland Jago Douma2018-06-134-2/+192
| | | | | | | | | | | | * Deprecate our default CSP * Add strict CSP that is always our strictest setting * Add strict eval CSP (disable unsafe-eval) * Add strict inline CSP (disables inline styles) This is just to move forward and have a incremental improvement of our CSP Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move caching logic to responseRoeland Jago Douma2018-06-041-2/+14
| | | | | | | | | | This avoids having to do it at all the places we want cached responses. We can't inject the ITimeFactor without breaking public API. However we can perfectly overwrite the service (resulting in the same testable effect). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add since tagsJulius Härtl2018-04-052-1/+18
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Move external share saving to templateJulius Härtl2018-04-051-7/+3
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Add footer to public page templateJulius Härtl2018-04-051-0/+15
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Move common menu templates to public APIJulius Härtl2018-04-052-0/+130
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Remove settersJulius Härtl2018-02-271-48/+0
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Rework array handling to avoid phan errorJulius Härtl2018-02-271-27/+12
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Add id to list elementJulius Härtl2018-02-271-2/+2
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Sort menu by priorityJulius Härtl2018-02-271-0/+3
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-26 17:56:23 +0000