| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.
Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```
Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
|
| |\
| |
| | |
Additional controllermethodreflector inheritance tests
|
| | | |
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | | |
owncloud/group-share-collition-wrong-type-in-post-hook
Do not overwrite the shareType so the post hook is still correct
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Add a controller and reponse for ocs
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.
Testplan:
- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request
Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.
Fixes https://github.com/owncloud/core/issues/13366
|
| |\ \ \
| | | |
| | | | |
Updated the media type of some font types
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
TTF and TTF have now the same media type
Official since 2013 and supported by Firefox and Chrome
https://www.iana.org/assignments/media-types/application/font-sfnt
Introducing support for Type1 fonts
|
| |\ \ \ \
| | | | |
| | | | | |
Use 403 instead of 200 response
|
| | | | | |
| | | | |
| | | | |
| | | | | |
A forbidden should throw a 403 and this makes it easier for me to do some automated testing.
|
| | |_|/ /
|/| | | |
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Default to `null` for lostpassword
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |/ / / / |
|
| | |_|/
|/| | |
|
| | | | |
|
| | | | |
|
| |/ / |
|
| |\ \
| | |
| | | |
Prevent wrapping null storage
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Can happen when trying to instantiate external storages that have
incomplete config, where the constructor throws an exception (the
exception is caught in createStorage())
|
| |\ \ \
| |/ /
|/| | |
Call final unlink in trash wrapper's storage
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
owncloud/add-warning-if-restore-of-data-is-not-possible
Add value if restore of data is possible for a user
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* reason: nice to know before password change in user management
* restore is possible:
* encryption is disabled
* encryption is enabled, admin and user has checked the
restore option
* if not possible:
* highlight users row in red once the admin wants to change the password
* show also a little tipsy
|
| | | | |
| | | |
| | | |
| | | | |
problems for different primary storages
|
| |/ / /
| | |
| | |
| | | |
user object
|
| |\ \ \
| |_|/
|/| | |
Add a method to set/unset multiple config values with one write
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This reduces the number of file writes we do for config.php and therefor
hopefully helps lowering the chances for empty config.php files
|
| |/ / |
|
| | |
| |
| |
| | |
* fixes Undefined offset: 1 at lib/private/mail.php#143
|
| |\ \
| | |
| | | |
Fix reshare permission change to not impair other deletion code
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A recent change that prevents reshare permission changes to delete group
share children had the side-effect of also preventing group share
children deletion when it needed to be done.
This fix adds an extra flag to isolate the "reshare permission change"
deletion case and keep the other ones as they were before, not only to
fix the regression but also fix other potential regressions in code that
uses this method.
Also updated the comment because now Helper::delete() is no longer
limited to reshares but also applies to group share children.
|
| |\ \ \
| | | |
| | | | |
Remove duplicated slashes from the requested url
|
| | | |/
| |/| |
|
| |/ /
| |
| |
| |
| |
| | |
Moved external share JS code into a small plugin to make it testable.
Added unit test for the external share dialog logic + ajax calls.
|
| | | |
|
| |/ |
|
| |\
| |
| |
| |
| | |
owncloud/share-fixfindshareforuserwithmultiplegroups
Fix getItemSharedWithUser for groups
|
| | |
| |
| |
| |
| |
| | |
Fixed SQL query for whenever a user has more than one group.
Added missing $owner where clause for group lookup.
Added unit tests for the group cases.
|
| | |
| |
| |
| |
| |
| | |
Previously when $gid was empty the users were not filtered at all. Rendering the search function in the user management pretty useless.
Fixes itself
|
