wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
46026 commits 157 branches 562 tags 714 MiB
Commit graph

36 commits

Author SHA1 Message Date
Robin Appelman
c0a283fefb
ensure we always return an array from Request::getParams 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2018-08-28 18:11:42 +02:00
Roeland Jago Douma
043a824e6a
Fix comments 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-02-22 15:51:19 +01:00
Roeland Jago Douma
0ee45d3d20
Fix proper types 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-02-22 15:51:19 +01:00
Roeland Jago Douma
a229095af1
Make Request strict 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-02-22 15:51:19 +01:00
Roeland Jago Douma
ca9f364fd4
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-02-21 10:55:52 +01:00
Roeland Jago Douma
bb0c7b2943
Make AppFramework/Http/Dispatcher strict 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-02-21 08:51:46 +01:00
Morris Jobke
4ef302c0be
Request->getHeader() should always return a string 
PHPDoc (of the public API) says that this method returns string but it also returns null, which is not allowed in some method calls. This fixes that behaviour and returns an empty string and fixes all code paths that explicitly checked for null to be still compliant.

Found while enabling the strict_typing for lib/private for the PHP7+ migration.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-17 09:51:31 +01:00
Roeland Jago Douma
ca70694502
Also check for empty content lenth 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-12-14 21:48:59 +01:00
Morris Jobke
31c5c2a592
Change @georgehrke's email 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 20:38:59 +01:00
Morris Jobke
0eebff152a
Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +01:00
Roeland Jago Douma
c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-09-24 21:07:16 +02:00
Roeland Jago Douma
9717cdfb9e
If there is no content don't error 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-09 15:51:13 +02:00
Roeland Jago Douma
ede15f0988
Fix L10N::t 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:17 +02:00
coderkun
bdc7bb1f26 Add IPv6 to “localhost” regex (#440) 
Signed-off-by: Oliver Hanraths <olli@coderkun.de>
 2017-05-14 21:29:03 +02:00
Joas Schilling
695696a4a6
Use constants 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:04:32 -05:00
Juan Pablo Villafáñez
38e5135cb9
Reorder the entries of the log for easier reading 2017-04-12 13:03:19 +02:00
Roeland Jago Douma
2a9192334e
Don't try to parse empty body if there is no body 
Fixes #3890

If we do a put request without a body the current code still tries to
read the body. This patch makes sure that we do not try to read the body
if the content length is 0.

See RFC 2616 Section 4.3

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-04 08:22:33 +02:00
Roeland Jago Douma
8626ccab1c
dont require strict same site cookies for ocs requests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-09 16:48:48 +01:00
Joas Schilling
33fb86f68b
Fix detection of the new iOS app 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-02-10 10:10:21 +01:00
Christoph Wurst
5e728d0eda oc_token should be nc_token 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-02-02 21:56:44 +01:00
Lukas Reschke
a05b8b7953
Harden cookies more appropriate 
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.

See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.

Fixes https://github.com/nextcloud/server/issues/1412

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-23 12:53:44 +01:00
Robin Appelman
4235b18a88
allow passing a stream to StreamResponse 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:30:36 +01:00
Joas Schilling
c20ab0049f
Identify Chromium as Chrome 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-10-26 12:07:10 +02:00
Joas Schilling
f9cea0b582 Merge pull request #797 from nextcloud/only-match-for-auth-cookie 
Match only for actual session cookie
 2016-08-31 15:59:16 +02:00
Lukas Reschke
d50e7ee36c
Remove reading PATH_INFO from server variable 
Having two code paths for this is unreliable and can lead to bugs. Also, in some cases Apache isn't setting the PATH_INFO variable when mod_rewrite is used.

Fixes https://github.com/nextcloud/server/issues/983
 2016-08-19 14:48:13 +02:00
Roeland Jago Douma
8f3dc0ba43
Remove IE_8 user agent string 2016-08-16 21:01:32 +02:00
Lukas Reschke
b53ea18ea5
Match only for actual session cookie 
OVH has implemented load balancing in a very questionable way where the reverse proxy actually internally adds some cookies which would trigger a security exception. To work around this, this change only checks for the session cookie.
 2016-08-09 19:23:08 +02:00
Morris Jobke
8c7d7d7746 Merge pull request #507 from nextcloud/run-le-script 
Update emails and license headers with latest changes
 2016-07-21 23:27:15 +02:00
Joas Schilling
0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling
ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Roeland Jago Douma
e42f2f2650
AppFramework do not get default response 
The OCSResponse differs from other responses in that it defaults to
XML. However we fell back to json by default.

This makes sure that if nothing is set we don't pass anything.
Which defaults then to the controllers default (which is often 'json')
but in the case of the OCSResponse 'xml'.
 2016-07-20 22:05:43 +02:00
Lukas Reschke
a299fa38a9
[master] Port Same-Site Cookies to master 
Fixes https://github.com/nextcloud/server/issues/50
 2016-07-20 18:37:57 +02:00
Joas Schilling
b1d652e8b0
Copy the regexes to the public interface 2016-07-18 15:11:44 +02:00
Lukas Reschke
aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Roeland Jago Douma
eb11ed1851
Make ownCloud work again in php 7.0.6 
See https://bugs.php.net/bug.php?id=72117
 2016-04-28 12:23:17 +02:00
Roeland Jago Douma
1d33a5ef13
Move \OC\AppFramework to PSR-4 
* Also moved the autoloader setup a bit up since we need it in initpaths
 2016-04-22 15:28:09 +02:00