aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/appframework/middleware/MiddlewareTest.php
Commit message (Collapse)AuthorAgeFilesLines
* Move tests/ to PSR-4 (#24731)Joas Schilling2016-05-201-99/+0
| | | | | | | | | | | | | | | | | | | | * Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader
* Fix namespaces in AppFramework testsJoas Schilling2016-05-181-1/+1
|
* Remove dependency on ICrypto + use XORLukas Reschke2015-10-211-1/+0
|
* Add mitigation against BREACHLukas Reschke2015-08-141-0/+1
| | | | | | | | | | | | While BREACH requires the following three factors to be effectively exploitable we should add another mitigation: 1. Application must support HTTP compression 2. Response most reflect user-controlled input 3. Response should contain sensitive data Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed. To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
* Refactor OC_Request into TrustedDomainHelper and IRequestLukas Reschke2015-02-161-2/+8
| | | | | | | | | | This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed. This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions. Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though. Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
* Respect `mod_unique_id` and refactor `OC_Request::getRequestId`Lukas Reschke2015-02-091-2/+8
| | | | | | | | | | | | | | When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs. Testplan: - [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`. - [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string - [ ] The generated Id is stable over the lifespan of one request Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI. Fixes https://github.com/owncloud/core/issues/13366
* Make remaining files extend the test baseJoas Schilling2014-11-191-1/+3
|
* fix 8757, get rid of service locator antipatternBernhard Posselt2014-05-281-2/+4
|
* adjust license headers to new mail addressBernhard Posselt2014-05-111-1/+1
|
* OCP\AppFramework\Controller\Controller => OCP\AppFramework\ControllerThomas Tanghus2013-10-111-1/+1
|
* fixing all appframework unit testsThomas Müller2013-10-071-2/+2
|
* Make abstract Middleware class publicThomas Tanghus2013-10-051-1/+1
| | | | | It doesn't make sense for subclasses to have to implement all methods.
* kill superfluent classloader from tests - this approach might be of interest ↵Thomas Müller2013-08-211-5/+6
| | | | within the apps
* initial import of appframeworkThomas Müller2013-08-171-0/+82
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-31 04:03:47 +0000