| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Allow to specify the cookie type for appframework responses
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.
Helps with #21474
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |/
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |\
| |
| | |
Clean up auth tokens when user is deleted
|
| | |
| |
| |
| | |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |/
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\
| |
| |
| |
| | |
nextcloud/fix-password-changes-in-link-and-mail-shares
Fix password changes in link and mail shares
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).
However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".
Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |/
|
|
|
|
|
| |
* Move to the handlebar loader from webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.
We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.
This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
|
| |\
| |
| | |
dont get the group details if we only ask for the id
|
| | |
| |
| |
| |
| |
| |
| | |
currenty when getting the groups for a user, the full group object is always created (and cached)
even if only the groupid is required
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | |
| |
| |
| |
| |
| | |
This reverts commit 6ffde128ad17a1ebe38f8d18b21a37d01b47c46b.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| |
| |
| | |
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | | |
|
| |\ \
| | |
| | | |
Move not modified check to the middleware
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \ \
| |/ /
|/| | |
Proxy server could cache http response when it is not private
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Clement Wong <git@clement.hk>
|
| |\ \ \
| | | |
| | | | |
Add AppFramework compression middleware to gzip responses
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |/
|/|
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \
| | |
| | | |
Set etag for capabilities endpoint
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \ \
| | | |
| | | | |
Fix design and layout of notification mails
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The minimum for memory cost is 8 KiB per thread. Threads must be checked and set first to allow checking against the correct memory cost mimimum.
Options are now applied the following way:
- If config.php contains the setting with an integer higher or equal to the minimum, it is applied.
- If config.php contains the setting with an integer lower than the minimum, the minimum is applied.
- If config.php does not contain the setting or with no integer value, the PHP default is applied.
Signed-off-by: MichaIng <micha@dietpi.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \
| | |
| | | |
Fix resharing of federated shares that were created out of links
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |\ \ \
| | | |
| | | | |
Already enabled apps
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Sander Ruitenbeek <s.ruitenbeek@getgoing.nl>
|
| |\ \ \ \
| |_|_|/
|/| | | |
Make it possible to resolve svg's outside \OC::$SERVERROOT
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previous implementation assumes the app path is always a child \OC::$SERVERROOT. That's not always true.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
