Commit message (Expand) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Handle SameSiteCookie check for index.php in AppFramework Middleware | Roeland Jago Douma | 2017-09-24 | 2 | -2/+145 |
* | Add CSP frame-ancestors support | Thomas Citharel | 2017-09-15 | 1 | -0/+41 |
* | Remove explicit type hints for Controller | Lukas Reschke | 2017-08-01 | 1 | -4/+4 |
* | Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call | Morris Jobke | 2017-08-01 | 2 | -0/+9 |
|\ | |||||
| * | Add metadata to \OCP\AppFramework\Http\Response::throttle | Lukas Reschke | 2017-07-27 | 2 | -0/+9 |
* | | Fix tests | Roeland Jago Douma | 2017-07-31 | 3 | -61/+66 |
* | | Fix middleware implementations signatures | Roeland Jago Douma | 2017-07-31 | 1 | -4/+5 |
|/ | |||||
* | Remove deprecated Controller Functions | Roeland Jago Douma | 2017-07-20 | 1 | -69/+0 |
* | Make BruteForceProtection annotation more clever | Lukas Reschke | 2017-04-13 | 3 | -75/+196 |
* | Add tests for multiple parameters | Lukas Reschke | 2017-04-13 | 1 | -5/+19 |
* | Move to dedicated MiddleWare | Lukas Reschke | 2017-04-13 | 2 | -40/+287 |
* | Add support for ratelimiting via annotations | Lukas Reschke | 2017-04-13 | 1 | -4/+40 |
* | Don't try to parse empty body if there is no body | Roeland Jago Douma | 2017-04-04 | 1 | -1/+4 |
* | Fix unit tests | Morris Jobke | 2017-03-28 | 5 | -111/+111 |
* | Add DI intergration tests | Roeland Jago Douma | 2017-03-21 | 1 | -0/+136 |
* | Extend DI tests | Roeland Jago Douma | 2017-03-21 | 1 | -5/+14 |
* | Adjust tests to include base-uri | Lukas Reschke | 2017-03-16 | 2 | -2/+2 |
* | Add base-uri to CSP policy | Lukas Reschke | 2017-03-16 | 3 | -109/+109 |
* | add test for skipping cookie checks for ocs | Robin Appelman | 2017-03-10 | 1 | -0/+25 |
* | oc_token should be nc_token | Christoph Wurst | 2017-02-02 | 1 | -1/+1 |
* | add some unit tests | Bjoern Schiessle | 2017-01-18 | 2 | -1/+85 |
* | fix controller test | Christoph Wurst | 2017-01-10 | 1 | -1/+1 |
* | fix data response test expected cache headers | Christoph Wurst | 2017-01-10 | 1 | -1/+1 |
* | set 'no-store' cache header if we do not want FF to cache | Christoph Wurst | 2017-01-09 | 1 | -1/+1 |
* | Merge pull request #2066 from nextcloud/fix-redirect-double-encoding | Morris Jobke | 2016-11-29 | 1 | -6/+6 |
|\ | |||||
| * | do not double encode the redirect url | Christoph Wurst | 2016-11-09 | 1 | -6/+6 |
* | | Harden cookies more appropriate | Lukas Reschke | 2016-11-23 | 1 | -0/+70 |
* | | Merge pull request #1447 from nextcloud/password-confirmation-for-some-actions | Morris Jobke | 2016-11-18 | 1 | -0/+5 |
|\ \ | |||||
| * | | Fix unit tests | Joas Schilling | 2016-11-18 | 1 | -0/+5 |
| |/ | |||||
* / | add tests for http/output | Robin Appelman | 2016-11-16 | 1 | -0/+31 |
|/ | |||||
* | Identify Chromium as Chrome | Joas Schilling | 2016-10-26 | 1 | -0/+14 |
* | Move browserSupportsCspV3 to CSPNonceManager | Roeland Jago Douma | 2016-10-25 | 1 | -5/+10 |
* | Add support for CSP nonces | Lukas Reschke | 2016-10-24 | 2 | -1/+76 |
* | Add tests | Roeland Jago Douma | 2016-09-15 | 2 | -38/+43 |
* | Fix getMock MapperTestUtility | Roeland Jago Douma | 2016-09-07 | 1 | -1/+1 |
* | Split OCS version handling | Roeland Jago Douma | 2016-09-06 | 2 | -28/+85 |
* | Add FileDisplayResponse | Roeland Jago Douma | 2016-09-05 | 1 | -0/+109 |
* | No body or content-length for 204 and 304 responses | Roeland Jago Douma | 2016-08-31 | 1 | -1/+28 |
* | Merge pull request #797 from nextcloud/only-match-for-auth-cookie | Joas Schilling | 2016-08-31 | 1 | -1/+77 |
|\ | |||||
| * | Match only for actual session cookie | Lukas Reschke | 2016-08-09 | 1 | -1/+77 |
* | | Remove reading PATH_INFO from server variable | Lukas Reschke | 2016-08-19 | 1 | -16/+0 |
* | | Add tests | Roeland Jago Douma | 2016-08-14 | 1 | -6/+70 |
* | | OCSController requires DataResponse | Roeland Jago Douma | 2016-08-10 | 1 | -52/+5 |
* | | Merge pull request #691 from nextcloud/ocs_allow_all_old_routes | Lukas Reschke | 2016-08-09 | 1 | -7/+7 |
|\ \ | |/ |/| | |||||
| * | Allow ocs/v2.php/cloud/... routes | Roeland Jago Douma | 2016-08-08 | 1 | -7/+7 |
* | | Hanlde Core and Settings app in AppFramework | Roeland Jago Douma | 2016-08-08 | 1 | -0/+51 |
|/ | |||||
* | We should properly check for 'true' instaed of the bool | Roeland Jago Douma | 2016-08-01 | 1 | -1/+2 |
* | Dark hackery to not always disable CSRF for OCS controllers | Roeland Jago Douma | 2016-07-29 | 1 | -0/+55 |
* | Support subdir in the OCS v2 endpoint | Roeland Jago Douma | 2016-07-27 | 1 | -0/+30 |
* | Add tests | Roeland Jago Douma | 2016-07-22 | 1 | -1/+35 |