summaryrefslogtreecommitdiffstats
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Use proper branding againLukas Reschke2016-07-041-4/+4
| | | The merge of the theming app changed these defaults back again.
* [stable9] Use paramterized parameter for \OC\SystemTag\SystemTagManagerLukas Reschke2016-07-031-4/+1
| | | | $nameSearchPattern was passed in and directly appended to the SQL query. Luckily the code path isn't reached anywhere in Nextcloud or the included apps.
* initial commit for the theming appBjoern Schiessle2016-06-303-5/+26
|
* Merge pull request #266 from nextcloud/fix-262Björn Schießle2016-06-301-1/+11
|\ | | | | [stable9] getShareByToken() should also consider remote shares
| * getShareByToken() should also consider remote sharesBjoern Schiessle2016-06-301-1/+11
| |
* | Merge pull request #249 from nextcloud/add-exemption-for-acsLukas Reschke2016-06-301-0/+17
|\ \ | |/ |/| [stable9] Add exemption for ACS endpoint
| * Add exemption for ACS endpointLukas Reschke2016-06-291-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In a SAML scenario we don't get any strict or lax cookie send for the ACS endpoint. Since we have some legacy code in Nextcloud (direct PHP files) the enforcement of lax cookies is performed here instead of the middleware. This means we cannot exclude some routes from the cookie validation, which normally is not a problem but is a little bit cumbersome for this use-case. Once the old legacy PHP endpoints have been removed we can move the verification into a middleware and also adds some exemptions. Not super awesome code to have but the best that I could come up with that doesn't add another ton of technical debt.
* | add events to check passwords with the password policy appBjoern Schiessle2016-06-283-13/+22
|/
* Move OC_Channel to system configLukas Reschke2016-06-274-3/+57
| | | | | | | | The Nextcloud and ownCloud updaters allow someone to configure a custom release channel, this can then be used to publish different versions. (e.g. one channel stays on 9.x while another one already gets 10.x) There is however one big problem with it: The value is effectively stored in the app config, which is stored in the database. So to be able to read the update channel a connection to the database is necessary. This is quite error prone and also causes some of the issues in the original ownCloud updater. This moves the channel registration to the config.php and also includes a repair step.
* Merge remote-tracking branch 'upstream/stable9' into stable9-upstream-syncLukas Reschke2016-06-261-1/+1
|\
| * Merge pull request #25165 from owncloud/stable9-capped-user-cacheVincent Petry2016-06-201-2/+4
| |\ | | | | | | [stable9] Capped cache for user config
| | * Capped cache for user configJörn Friedrich Dreyer2016-06-171-2/+4
| | |
| * | Merge pull request #25160 from owncloud/fix-oracle-endless-loop-stable9Vincent Petry2016-06-171-0/+5
| |\ \ | | |/ | |/| Do not recurse link share fetching
| | * Do not recurse link share fetchingRoeland Jago Douma2016-06-171-0/+5
| | | | | | | | | | | | * Might fix an issue on oracle
| * | Revert "[stable9] Remove shares of the root folder" (#25157)Vincent Petry2016-06-172-147/+0
| |/
| * Remove shares of the root folder (#25138)Vincent Petry2016-06-172-0/+147
| |
| * Merge pull request #25149 from owncloud/backport25146Vincent Petry2016-06-161-1/+1
| |\ | | | | | | –emit correct signal when disabling an app
| | * –emit correct signal when disabling an appJörn Friedrich Dreyer2016-06-161-1/+1
| | |
| * | Capped cache for cache info in UserMountCacheVincent Petry2016-06-151-3/+14
| | |
| * | Use capped cache for encryption's user access listVincent Petry2016-06-131-0/+3
| | |
* | | some text-changes to nextcloudJoachim Sokolowski2016-06-221-11/+11
| | |
* | | Drop old authtoken table (pre 5.0.0)Morris Jobke2016-06-211-0/+1
| | | | | | | | | | | | * fixes #155
* | | Some more brandingLukas Reschke2016-06-2098-410/+410
| | |
* | | fixed codeMorris Jobke2016-06-202-8/+8
| | |
* | | Capped cache for user configJörn Friedrich Dreyer2016-06-201-2/+4
| | |
* | | Do not recurse link share fetchingRoeland Jago Douma2016-06-201-0/+5
| | | | | | | | | | | | * Might fix an issue on oracle
* | | Capped cache for cache info in UserMountCacheVincent Petry2016-06-201-3/+14
| | |
* | | Use capped cache for encryption's user access listVincent Petry2016-06-201-0/+3
| | |
* | | Soften the cookie check if no cookies are sentLukas Reschke2016-06-152-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When no cookies are sent it is not required to perform any check for the strict or lax cookie, it does not provide any significant security advantage. It does however interfer with the Android client which requests thumbnails from the unofficial API at `/index.php/apps/files/api/v1/thumbnail/256/256/{filename}`. This endpoint expects the strict cookie to be existent to not leak the existence of files. The Android client authenticates against this endpoint using Basic Auth and without cookies in some cases at least. This will make these endpoints work again with such cases. To test this issue the following cURL command once without the patch and once with: > curl http://localhost/index.php/apps/files/api/v1/thumbnail/256/256/welcome.txt -u admin -v Without the patch the request is redirected (which the client does not obey) and with the patch the preview is returned.
* | | Merge branch 'stable9' of https://github.com/owncloud/core into ↵Arthur Schiwon2016-06-132-0/+110
|\| | | | | | | | | | | downstream-160613
| * | Repair job to fix permissions for avatars (#25068)Roeland Douma2016-06-132-0/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport of #24898 Cherry-picked: 1b66db72d916a763b1c22613b9df5c42e93593a8 60225284f3b8ef947f67bbe168b12dca867d6f3d 28d9ad2817b744bcef35a9259f65eb56b0b2ae78 But manually since we renamed stuff and the repair procedures changed
* | | Add more brandingLukas Reschke2016-06-131-1/+1
| | | | | | | | | | | | | | | - Shows "Nextcloud will be updated" in the updater screen - Shows "Nextcloud" if you add a bookmark on iOS instead of "ownCloud"
* | | Merge pull request #54 from nextcloud/backport-upload-only-sharesLukas Reschke2016-06-131-2/+3
|\ \ \ | | | | | | | | [stable9] Backport files drop feature
| * | | [stable9] Backport files drop featureLukas Reschke2016-06-111-2/+3
| | | |
* | | | Add ownCloud root CALukas Reschke2016-06-131-2/+9
| | | | | | | | | | | | | | | | As the apps from the appstore are at the moment signed by the ownCloud Root CA we have to add it as fallback as well. We can remove that once Nextcloud 10 with new appstore has been released.
* | | | [stable9] Use custom updater URLLukas Reschke2016-06-121-1/+1
| | | |
* | | | Link to Nextcloud Android clientLukas Reschke2016-06-121-1/+1
| | | |
* | | | Link to Nextcloud docsLukas Reschke2016-06-121-2/+2
| | | |
* | | | Revert "Remove "Help" link from personal sidebar"Lukas Reschke2016-06-121-4/+2
|/ / / | | | | | | | | | This reverts commit 34ad3f7ada1363b887b58f171ba1fd5ba71a3447.
* | | Merge pull request #37 from nextcloud/downstream-stable9-160610Lukas Reschke2016-06-114-14/+95
|\ \ \ | | | | | | | | Downstream stable9 16-06-10
| * | | Merge branch 'stable9' of https://github.com/owncloud/core into ↵Arthur Schiwon2016-06-104-14/+95
| |\| | | | | | | | | | | | | | downstream-stable9-160610
| | * | Merge pull request #25045 from owncloud/stable9-admin-datadircheck-fixVincent Petry2016-06-091-13/+24
| | |\ \ | | | | | | | | | | [stable9] Use temporary htaccesstest.txt for data dir security check
| | | * | Use temporary htaccesstest.txt for data dir security checkVincent Petry2016-06-091-13/+24
| | | | |
| | * | | skip scanning for a user when the user is not setup yetRobin Appelman2016-06-091-1/+6
| | |/ /
| | * | Fix update from 9.0.0 and 9.0.1 (#24854)VicDeo2016-06-072-0/+65
| | | |
* | | | Merge pull request #44 from nextcloud/stable9-add-same-site-cookiesLukas Reschke2016-06-118-0/+176
|\ \ \ \ | | | | | | | | | | [stable9] Add Same Site Cookie protection
| * | | | Add Same Site Cookie protectionLukas Reschke2016-06-108-0/+176
| |/ / /
* / / / backport design changeJan-Christoph Borchardt2016-06-101-7/+7
|/ / /
* | | Print error message again, when 3rdparty submodule is not initializedArthur Schiwon2016-06-081-1/+3
| | | | | | | | | | | | | | | - old code used Response which attempted to use OC::$server which is not and cannot be intialised at this part of the code.
* | | Remove "Help" link from personal sidebarLukas Reschke2016-06-061-2/+4
|/ / | | | | | | | | | | At the moment we want to hide the help link from the personal sidebar as it contains the original ownCloud documentation. Once we have our own documentation with our proper branding and so on we can reenable this.
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-04 11:05:57 +0000