aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/AppFramework/Http/ResponseTest.php
Commit message (Collapse)AuthorAgeFilesLines
* refactor: Add void return type to PHPUnit test methodsChristoph Wurst2024-09-151-21/+21
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* chore: Add SPDX headerAndy Scherzinger2024-05-131-18/+3
| | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* Stop sending deprecated Pragma headerGit'Fellow2023-08-281-2/+0
| | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* Add template types to responsesjld31032023-06-301-1/+4
| | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* chore(appframework)!: Drop ↵Christoph Wurst2023-06-121-2/+0
| | | | | | \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Change X-Robots-Tag header from "none" to "noindex, nofollow"MichaIng2023-02-151-1/+1
| | | | | | | | | | While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240 Signed-off-by: MichaIng <micha@dietpi.com>
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* send request id in response headerRobin Appelman2022-02-011-1/+1
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Fix DateTime constructor calls with nullCôme Chilliet2021-11-231-3/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Set frame-ancestors to none if none are filledRoeland Jago Douma2020-11-181-1/+1
| | | | | | | | frame-ancestors doesn't fall back to default-src. So when we apply a very restricted CSP we should make sure to set it to 'none' and not leave it empty. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix robots "noindex, nofollow" signalsJoas Schilling2020-06-251-2/+3
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #21479 from nextcloud/fix/21474/allow_specifying_cookie_typeblizzz2020-06-221-6/+13
|\ | | | | Allow to specify the cookie type for appframework responses
| * Allow to specify the cookie type for appframework responsesRoeland Jago Douma2020-06-221-6/+13
| | | | | | | | | | | | | | | | | | In general it is good to set them to Lax. But also to give devs more control over them is not a bad thing. Helps with #21474 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix unit test of the ResponseTestRoeland Jago Douma2020-06-211-3/+3
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix http cache testClement Wong2020-05-121-1/+1
| | | | Signed-off-by: Clement Wong <git@clement.hk>
* Add visibility to all methods and position of static keywordChristoph Wurst2020-04-101-3/+3
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-101-1/+0
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-091-4/+4
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use exactly one empty line after the namespace declarationChristoph Wurst2020-04-091-1/+0
| | | | | | For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the short array syntax, everywhereChristoph Wurst2020-03-261-31/+31
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make phpunit8 compatibleRoeland Jago Douma2019-11-271-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Some php-cs fixesRoeland Jago Douma2019-11-221-3/+1
| | | | | | | | | | | * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add feature policy headerRoeland Jago Douma2019-08-101-1/+2
| | | | | | | This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set empty CSP by defaultRoeland Jago Douma2019-04-161-2/+2
| | | | | | | | | For #14179 By default responses should have the strictest (and simplest) CSP possible. Only template responses should require an actual CSP. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set default frame-ancestors to 'self'Roeland Jago Douma2019-01-081-1/+1
| | | | | | For #13042 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* CSP: Allow fonts to be provided in dataRoeland Jago Douma2019-01-071-2/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Disallow unsafe-eval by defaultRoeland Jago Douma2018-10-141-2/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move caching logic to responseRoeland Jago Douma2018-06-041-2/+12
| | | | | | | | | | This avoids having to do it at all the places we want cached responses. We can't inject the ITimeFactor without breaking public API. However we can perfectly overwrite the service (resulting in the same testable effect). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add metadata to \OCP\AppFramework\Http\Response::throttleLukas Reschke2017-07-271-0/+5
| | | | | | Fixes https://github.com/nextcloud/server/issues/5891 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Make BruteForceProtection annotation more cleverLukas Reschke2017-04-131-0/+5
| | | | | | | | This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware. Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix unit testsMorris Jobke2017-03-281-2/+2
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add base-uri to CSP policyLukas Reschke2017-03-161-2/+2
| | | | | | As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* set 'no-store' cache header if we do not want FF to cacheChristoph Wurst2017-01-091-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Move tests/ to PSR-4 (#24731)Joas Schilling2016-05-201-0/+267
* Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-07 10:52:20 +0000