| Commit message (Expand) | Author | Age | Files | Lines |
* | test: Test hash validation | Christopher Ng | 2024-07-04 | 1 | -0/+25 |
* | chore: Add SPDX header | Andy Scherzinger | 2024-05-13 | 28 | -429/+70 |
* | fix(security): Handle idn_to_utf8 returning false | Joas Schilling | 2023-12-04 | 1 | -3/+12 |
* | chore: apply changes from Nextcloud coding standards 1.1.1 | Joas Schilling | 2023-11-23 | 3 | -11/+11 |
* | fix(CSP): Only add `strict-dynamic` when using nonces | Ferdinand Thiessen | 2023-11-17 | 1 | -2/+2 |
* | fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `scr... | Ferdinand Thiessen | 2023-11-17 | 1 | -2/+2 |
* | fix: Make bypass function public API | Joas Schilling | 2023-08-21 | 2 | -5/+5 |
* | feat: Expose if the own IP is allowed to bypass bruteforce protection | Joas Schilling | 2023-08-21 | 1 | -4/+11 |
* | feat(security): Add a bruteforce protection backend base on memcache | Joas Schilling | 2023-08-21 | 2 | -23/+164 |
* | fix: Align doc type with creation | Joas Schilling | 2023-07-27 | 2 | -4/+2 |
* | chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy:... | Christoph Wurst | 2023-06-12 | 1 | -6/+2 |
* | Adapt tests to config value typing | Côme Chilliet | 2023-04-05 | 4 | -11/+11 |
* | Merge pull request #37542 from nextcloud/bugfix/noid/allow-to-opt-out-of-rate... | Joas Schilling | 2023-04-03 | 1 | -0/+9 |
|\ |
|
| * | feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI | Joas Schilling | 2023-04-03 | 1 | -0/+9 |
* | | fix DBAL exception handling in setValues | Arthur Schiwon | 2023-03-31 | 1 | -2/+21 |
|/ |
|
* | composer run cs:fix | Côme Chilliet | 2023-01-20 | 6 | -6/+0 |
* | Fix syntax in VerificationTokenTest.php | Côme Chilliet | 2022-11-15 | 1 | -1/+1 |
* | Fix dynamic properties and other problems in tests for PHP 8.2 | Côme Chilliet | 2022-11-14 | 1 | -4/+7 |
* | Add remote host validation API | Christoph Wurst | 2022-10-31 | 2 | -0/+255 |
* | Remove deprecated at matcher from tests/lib | Côme Chilliet | 2022-08-29 | 2 | -25/+25 |
* | Validate requested length is random string generator | Vincent Petry | 2022-05-12 | 1 | -1/+16 |
* | Add CSP policy merge priority for booleans | Vincent Petry | 2022-04-01 | 1 | -1/+2 |
* | Migrate from ILogger to LoggerInterface where needed in the tests | Côme Chilliet | 2022-03-24 | 3 | -9/+9 |
* | Allow to set a strict-dynamic CSP through the API | Julius Härtl | 2022-03-09 | 1 | -0/+2 |
* | Check style update | Carl Schwan | 2022-01-13 | 1 | -1/+1 |
* | Improve normalizer detecting IPv4 inside of IPv6 | Vincent Petry | 2021-11-22 | 1 | -1/+9 |
* | Fix getting subnet of ipv4 mapped ipv6 addresses | Vincent Petry | 2021-11-22 | 1 | -0/+4 |
* | Add an OCP for trusted domain helper | Joas Schilling | 2021-10-28 | 1 | -10/+23 |
* | Remove tests that just prove mocked calls and don't actually validate anythin... | Julius Härtl | 2021-09-27 | 1 | -81/+0 |
* | Merge pull request #28728 from nextcloud/add-database-backend-limiter | Lukas Reschke | 2021-09-13 | 2 | -36/+19 |
|\ |
|
| * | Adjust tests | Lukas Reschke | 2021-09-06 | 2 | -16/+12 |
| * | Adjust logic to store period instead of current timestamp | Lukas Reschke | 2021-09-06 | 2 | -20/+7 |
* | | add a job to clean up expired verification tokens | Arthur Schiwon | 2021-09-09 | 1 | -2/+39 |
* | | move verification token logic out of lost password controller | Arthur Schiwon | 2021-09-09 | 1 | -0/+272 |
|/ |
|
* | Merge pull request #26626 from J0WI/strict-security | Roeland Jago Douma | 2021-05-18 | 22 | -0/+64 |
|\ |
|
| * | Make Security module strict | J0WI | 2021-04-19 | 22 | -0/+64 |
* | | Update CredentialsManagerTest.php | Joas Schilling | 2021-04-21 | 1 | -3/+0 |
* | | Fix security credentials manager test | Joas Schilling | 2021-04-20 | 1 | -18/+11 |
|/ |
|
* | Increase subnet matcher | Lukas Reschke | 2021-04-07 | 1 | -2/+10 |
* | Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 | dependabot-preview[bot] | 2021-02-18 | 1 | -1/+1 |
* | Bump doctrine/dbal from 2.12.0 to 3.0.0 | Christoph Wurst | 2021-01-08 | 1 | -4/+11 |
* | Improve CertificateManager to not be user context dependent | Morris Jobke | 2020-11-03 | 1 | -42/+19 |
* | Implement unit tests for versions 1 and 2. | lynn-stephenson | 2020-10-15 | 1 | -0/+20 |
* | Format code to a single space around binary operators | Christoph Wurst | 2020-10-05 | 1 | -4/+4 |
* | Don't break when the IP is empty | Joas Schilling | 2020-09-10 | 1 | -2/+22 |
* | Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPU... | Morris Jobke | 2020-08-12 | 7 | -23/+23 |
* | Use random_bytes | Roeland Jago Douma | 2020-05-11 | 1 | -4/+11 |
* | Fix Argon2 options checks | MichaIng | 2020-04-30 | 1 | -0/+5 |
* | fix credentialsManager documentation and ensure userId to be used as string | Arthur Schiwon | 2020-04-15 | 1 | -3/+3 |
* | add DB tests for credentials manager | Arthur Schiwon | 2020-04-15 | 1 | -0/+33 |