Daniel Kesselberg
6eb466776b
Don't show referrer policy warning if fallback policy set.
...
Test-Set:
no-referrer-when-downgrade
no-referrer
strict-origin-when-cross-origin
same-origin
no-referrer, strict-origin-when-cross-origin
strict-origin-
unsafe-raw, same-origin
strict-origin-when-downgrade
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-02-26 23:51:02 +01:00
Daniel Kesselberg
bfc956fc88
Set content type for propfind request
...
Without the request is sent as application/x-www-form-urlencoded; charset=UTF-8 and might be blocked by some application firewalls because content and content type do not match.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-02-21 22:13:49 +01:00
Victor Goff
2663fc442c
adviced should be advised
...
Signed-off-by: Victor Goff <keeperotphones@gmail.com>
2019-08-23 07:01:45 -04:00
Christoph Wurst
20afe94297
Do not show a internet connectivity warning if internet access is disabled
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 10:51:59 +02:00
Christoph Wurst
0f3e438f7c
Move OC.theme to the bundle and deprecate oc_defaults
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-14 11:14:29 +02:00
Morris Jobke
c8f2198aa0
Remove recommendation for opcache on CLI
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-09 12:25:53 +02:00
Morris Jobke
25d700ef30
Fix unneeded doc link to unrelated resource
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-11 11:00:21 +01:00
Morris Jobke
060b637b70
Show a setup warning in case S3 object storage is used as primary storage
...
* checks for at least 50 GB of free space
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-08 13:38:39 +01:00
Morris Jobke
6c7ccbecbf
Add setup check for missing UTF8MB4 on mysql
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-28 16:46:23 +01:00
Morris Jobke
faef05730a
Add unit tests and provide better message
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-20 10:54:39 +01:00
Bjoern Schiessle
7c31c9a748
add setup check for ocm-provider route
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2019-02-20 10:38:16 +01:00
Morris Jobke
0aa30b76de
Merge pull request #13134 from nextcloud/bugfix/13088/404-instead-of-exception
...
returns a 404 instead of exception if app is not installed - #13088
2019-01-04 17:08:04 +01:00
Daniel Kesselberg
248e824f48
Remove check for outdated caches
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-02 10:46:14 +01:00
Julius Härtl
a3be286273
Make setup check also pass with a 501 status
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-12-19 07:41:25 +01:00
Morris Jobke
17b2827bbf
Add setup check for pending bigint conversion
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-05 13:42:31 +01:00
Morris Jobke
5b22225351
Update casing of PHP inside method name
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-05 00:03:05 +01:00
Morris Jobke
f5ad80fc57
Add setup check for recommended PHP modules (i.e. Imagick, intl)
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-05 00:03:05 +01:00
Morris Jobke
f5894b653d
Add check for missing .woff2 rule in Nginx via setup check
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-29 17:01:43 +01:00
Morris Jobke
df6e9109c8
Merge pull request #11396 from nextcloud/wellknown-webfinger
...
adding .well-known/webfinger
2018-10-24 14:51:15 +02:00
Daniel Peukert
2da4f96bd6
Remove arrow function
...
Signed-off-by: Daniel Peukert <dan.peukert@gmail.com>
2018-10-17 18:10:37 +02:00
Daniel Peukert
b2dfcb5a18
Check if the X-XSS-Protection header contains the required fields
...
Signed-off-by: Daniel Peukert <dan.peukert@gmail.com>
2018-10-17 14:28:51 +02:00
Moritz Beck
b68661ed6e
Allow "same-origin" as "Referrer-Policy"
...
Fixes #11531
Although "same-origin" is more strict than e.g. strict-origin it showed up a warning in setupcheck
Based on https://scotthelme.co.uk/a-new-security-header-referrer-policy/
Signed-off-by: Moritz Beck <git@birkenstab.de>
2018-10-11 13:17:26 +02:00
Daniel Calviño Sánchez
d143b43a04
Make possible to set the expected status of the well known URL check
...
The check is based on the HTTP status returned by the URL, and different
URLs may return different status (for example, DAV returns 207, while
a service like WebFinger would return 200), so the expected status needs
to be set depending on the URL.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-10-10 13:48:56 +02:00
Timo Förster
006e150c87
Change check if secure randomness is possible.
...
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
2018-08-24 23:12:02 +02:00
Michael Weimann
2bab916c53
Adds license to files. Updates the branch.
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 20:46:23 +02:00
Michael Weimann
c164409ee7
Adds a memory limit warning for console commands if the limit is below the recommended value
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
Michael Weimann
c2fced4463
Adds a setup check for the memory limit
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
Michael Weimann
b2e60e365d
Adds a setup check for app directory permissions.
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-09 19:47:55 +02:00
Cthulhux
f6f49c77f7
opcache module check
...
Improved the speed of isOpcacheProperlySetup() (instant return instead of continuing when we're already failed), added a check for the opcache extension itself. Potentially fixes #9410
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-07-11 16:08:40 +02:00
Roeland Jago Douma
6a0c54d5bf
Add warning to setup checks if the default mailer is still php
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-04 08:28:33 +02:00
Morris Jobke
9c4aecb539
Merge all setup checks into one controller
...
* renamed hasMissingIndexes to missingIndexes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-13 15:25:08 +02:00
Morris Jobke
cd87a40eb3
Merge pull request #9836 from nextcloud/feature/noid/merge-tips-and-tricks-into-setup-checks
...
Merge tips & tricks section into setup checks
2018-06-13 13:18:40 +02:00
Morris Jobke
4a0b7aaf6c
Merge tips & tricks section into setup checks
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-13 12:05:38 +02:00
Morris Jobke
624d191ef6
Fix wrong hint about missing indexes
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-13 11:56:43 +02:00
Morris Jobke
393d9aae74
Add a hint that some indexes are not added yet
...
* gives the admin a chance to discover the missing indexes and improve the performance of the instance without digging through the manual
* nicely integrated in the setup checks where this kind of hints belong to
* also adds an option to integrate this from an app based on events
* fix style of setting warnings
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-06 16:55:01 +02:00
Roeland Jago Douma
4b70c9f89d
Add referrer policy setup check
...
Fixes #9122
Based on https://www.w3.org/TR/referrer-policy/ and
https://scotthelme.co.uk/a-new-security-header-referrer-policy/
Setting a sane Referrer-Policy will tell the browser if/when to send
referrer headers when accessing a link from Nextcloud. When configured
properly this results in less tracking and less leaking of (possibly)
sensitive urls
* Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-04 09:21:35 +02:00
Allan Nordhøy
13d8b7f190
Spelling: FreeType
2018-01-14 15:58:36 +01:00
Roeland Jago Douma
7618473a44
Add warning regarding freetype support
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-13 17:20:48 +01:00
Morris Jobke
ace96a406a
Show hint that PHP 5.6 will not be supported in Nextcloud 14 anymore
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-08 10:02:41 +01:00
Allan Nordhøy
55cad46a21
No "to equal to" "We" or "Our", properly
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 08:50:37 +01:00
Lukas Reschke
6d1d2dde0b
Merge pull request #4856 from coderkun/issue-3808-xframe-deny
...
Improve warning for X-Frame-Options header DENY (#3808 )
2017-11-14 14:30:14 +01:00
Markus Staab
db34b59238
Prevent XSS in links which open a new browser window
2017-10-19 12:16:04 +02:00
rakekniven
f2d999aa70
Update setupchecks.js
...
Fixed typo and removed doclink symbol.
Reported at transifex
Update util.php
Another l10n improvement from transifex.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-31 13:41:45 +02:00
Morris Jobke
1fedf450ac
Update Opcache recommendation
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-21 18:21:28 -05:00
coderkun
b44c3dd198
Improve warning for X-Frame-Options header DENY ( #3808 )
...
Signed-off-by: Oliver Hanraths <olli@coderkun.de>
2017-05-14 13:16:36 +02:00
Joas Schilling
1c0bffe87f
Fix translations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Ko-
786ee72146
Add warning on admin screen when set_time_limit is unavailable
2017-03-16 11:48:28 +01:00
Morris Jobke
cee8853658
Show info in admin settings about PHP opcache if disabled
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:45:48 -06:00
Morris Jobke
a2867c0664
Properly check the data dir
...
* fixes #1364
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-05 23:35:35 +01:00
Joas Schilling
0f06034239
Replace more vendor naming
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-11 08:54:21 +01:00