Commit graph

111 commits

Author SHA1 Message Date
Lukas Reschke
6d3757f864 Do not show exception to the end-user
Log the error instead of potentially leaking sensitive information
2014-09-17 13:17:52 +02:00
Robin Appelman
a05147e25c handle service not available exceptions in index, remote and public.php 2014-08-04 13:41:04 +02:00
Thomas Müller
afbe50d09c remove global variable $RUNTIME_NOAPPS - it's just superfluous 2014-02-06 09:44:13 +01:00
Vincent Petry
c4dee281e6 Added $app parameter to logException 2013-10-23 13:58:42 +02:00
Vincent Petry
42c58220de Moved logException to OCP\Util class 2013-10-23 10:48:27 +02:00
Vincent Petry
83956b1703 Expand exception stack trace in log in debug mode 2013-10-22 19:17:41 +02:00
Thomas Müller
5acb3c4c0d first log the exception 2013-09-15 21:20:22 +02:00
Jörn Friedrich Dreyer
9c9bfcd626 log as index, not remote 2013-06-25 17:45:42 +03:00
Jörn Friedrich Dreyer
8dc6bdd96b clean up usage of DatabaseSetupException and catch Exceptions in entrypoints 2013-06-10 13:45:19 +02:00
Felix Moeller
ddfcc96ab5 Checkstyle: LowerCaseConstant 2012-10-23 08:20:17 +02:00
Thomas Müller
08edb5dc58 Update index.php 2012-09-04 12:09:39 +03:00
Jörn Friedrich Dreyer
c8255a170c Merge branch 'master' of git://gitorious.org/owncloud/owncloud into oracle-support
Conflicts:
	3rdparty/Sabre/CardDAV/Plugin.php
	3rdparty/smb4php/smb.php
	apps/bookmarks/ajax/addBookmark.php
	apps/bookmarks/ajax/editBookmark.php
	apps/bookmarks/appinfo/migrate.php
	apps/calendar/ajax/calendar/edit.form.php
	apps/calendar/ajax/changeview.php
	apps/calendar/ajax/import/import.php
	apps/calendar/ajax/settings/guesstimezone.php
	apps/calendar/ajax/settings/setfirstday.php
	apps/calendar/ajax/settings/settimeformat.php
	apps/calendar/ajax/share/changepermission.php
	apps/calendar/ajax/share/share.php
	apps/calendar/ajax/share/unshare.php
	apps/calendar/appinfo/app.php
	apps/calendar/appinfo/remote.php
	apps/calendar/appinfo/update.php
	apps/calendar/appinfo/version
	apps/calendar/js/calendar.js
	apps/calendar/l10n/da.php
	apps/calendar/l10n/de.php
	apps/calendar/l10n/fi_FI.php
	apps/calendar/l10n/gl.php
	apps/calendar/l10n/he.php
	apps/calendar/l10n/hr.php
	apps/calendar/l10n/ja_JP.php
	apps/calendar/l10n/lb.php
	apps/calendar/l10n/lt_LT.php
	apps/calendar/l10n/nb_NO.php
	apps/calendar/l10n/pl.php
	apps/calendar/l10n/pt_PT.php
	apps/calendar/l10n/ro.php
	apps/calendar/l10n/ru.php
	apps/calendar/l10n/sv.php
	apps/calendar/l10n/zh_CN.php
	apps/calendar/l10n/zh_TW.php
	apps/calendar/lib/app.php
	apps/calendar/lib/calendar.php
	apps/calendar/lib/object.php
	apps/calendar/lib/share.php
	apps/calendar/templates/part.choosecalendar.rowfields.php
	apps/calendar/templates/part.import.php
	apps/calendar/templates/settings.php
	apps/contacts/ajax/activation.php
	apps/contacts/ajax/addressbook/delete.php
	apps/contacts/ajax/contact/add.php
	apps/contacts/ajax/contact/addproperty.php
	apps/contacts/ajax/contact/delete.php
	apps/contacts/ajax/contact/deleteproperty.php
	apps/contacts/ajax/contact/saveproperty.php
	apps/contacts/ajax/createaddressbook.php
	apps/contacts/ajax/cropphoto.php
	apps/contacts/ajax/currentphoto.php
	apps/contacts/ajax/importaddressbook.php
	apps/contacts/ajax/oc_photo.php
	apps/contacts/ajax/savecrop.php
	apps/contacts/ajax/selectaddressbook.php
	apps/contacts/ajax/updateaddressbook.php
	apps/contacts/ajax/uploadimport.php
	apps/contacts/ajax/uploadphoto.php
	apps/contacts/appinfo/migrate.php
	apps/contacts/appinfo/remote.php
	apps/contacts/css/contacts.css
	apps/contacts/import.php
	apps/contacts/index.php
	apps/contacts/js/contacts.js
	apps/contacts/l10n/ca.php
	apps/contacts/l10n/cs_CZ.php
	apps/contacts/l10n/da.php
	apps/contacts/l10n/de.php
	apps/contacts/l10n/el.php
	apps/contacts/l10n/eo.php
	apps/contacts/l10n/es.php
	apps/contacts/l10n/et_EE.php
	apps/contacts/l10n/eu.php
	apps/contacts/l10n/fa.php
	apps/contacts/l10n/fi_FI.php
	apps/contacts/l10n/fr.php
	apps/contacts/l10n/he.php
	apps/contacts/l10n/hr.php
	apps/contacts/l10n/hu_HU.php
	apps/contacts/l10n/ia.php
	apps/contacts/l10n/it.php
	apps/contacts/l10n/ja_JP.php
	apps/contacts/l10n/ko.php
	apps/contacts/l10n/lb.php
	apps/contacts/l10n/mk.php
	apps/contacts/l10n/nb_NO.php
	apps/contacts/l10n/nl.php
	apps/contacts/l10n/pl.php
	apps/contacts/l10n/pt_BR.php
	apps/contacts/l10n/pt_PT.php
	apps/contacts/l10n/ro.php
	apps/contacts/l10n/ru.php
	apps/contacts/l10n/sk_SK.php
	apps/contacts/l10n/sl.php
	apps/contacts/l10n/sv.php
	apps/contacts/l10n/th_TH.php
	apps/contacts/l10n/tr.php
	apps/contacts/l10n/zh_CN.php
	apps/contacts/l10n/zh_TW.php
	apps/contacts/lib/addressbook.php
	apps/contacts/lib/hooks.php
	apps/contacts/lib/vcard.php
	apps/contacts/photo.php
	apps/contacts/templates/part.contact.php
	apps/contacts/templates/part.contacts.php
	apps/contacts/templates/part.cropphoto.php
	apps/contacts/templates/part.importaddressbook.php
	apps/contacts/templates/part.selectaddressbook.php
	apps/contacts/thumbnail.php
	apps/files/ajax/download.php
	apps/files/ajax/newfile.php
	apps/files/ajax/timezone.php
	apps/files/appinfo/update.php
	apps/files/appinfo/version
	apps/files/index.php
	apps/files/js/fileactions.js
	apps/files/js/filelist.js
	apps/files/js/files.js
	apps/files/l10n/ar.php
	apps/files/l10n/bg_BG.php
	apps/files/l10n/ca.php
	apps/files/l10n/cs_CZ.php
	apps/files/l10n/da.php
	apps/files/l10n/de.php
	apps/files/l10n/el.php
	apps/files/l10n/eo.php
	apps/files/l10n/es.php
	apps/files/l10n/et_EE.php
	apps/files/l10n/eu.php
	apps/files/l10n/fa.php
	apps/files/l10n/fi_FI.php
	apps/files/l10n/fr.php
	apps/files/l10n/gl.php
	apps/files/l10n/he.php
	apps/files/l10n/hr.php
	apps/files/l10n/hu_HU.php
	apps/files/l10n/ia.php
	apps/files/l10n/id.php
	apps/files/l10n/it.php
	apps/files/l10n/ja_JP.php
	apps/files/l10n/ko.php
	apps/files/l10n/lb.php
	apps/files/l10n/lt_LT.php
	apps/files/l10n/mk.php
	apps/files/l10n/ms_MY.php
	apps/files/l10n/nb_NO.php
	apps/files/l10n/nl.php
	apps/files/l10n/nn_NO.php
	apps/files/l10n/pl.php
	apps/files/l10n/pt_BR.php
	apps/files/l10n/pt_PT.php
	apps/files/l10n/ro.php
	apps/files/l10n/ru.php
	apps/files/l10n/sk_SK.php
	apps/files/l10n/sl.php
	apps/files/l10n/sr.php
	apps/files/l10n/sr@latin.php
	apps/files/l10n/sv.php
	apps/files/l10n/th_TH.php
	apps/files/l10n/tr.php
	apps/files/l10n/uk.php
	apps/files/l10n/zh_CN.php
	apps/files/l10n/zh_TW.php
	apps/files_archive/js/archive.js
	apps/files_encryption/lib/cryptstream.php
	apps/files_encryption/lib/proxy.php
	apps/files_encryption/tests/proxy.php
	apps/files_external/appinfo/app.php
	apps/files_external/lib/smb.php
	apps/files_external/lib/streamwrapper.php
	apps/files_external/tests/config.php
	apps/files_external/tests/smb.php
	apps/files_sharing/ajax/email.php
	apps/files_sharing/ajax/getitem.php
	apps/files_sharing/ajax/setpermissions.php
	apps/files_sharing/ajax/share.php
	apps/files_sharing/ajax/toggleresharing.php
	apps/files_sharing/ajax/unshare.php
	apps/files_sharing/ajax/userautocomplete.php
	apps/files_sharing/js/settings.js
	apps/files_sharing/js/share.js
	apps/files_sharing/lib_share.php
	apps/files_sharing/settings.php
	apps/files_sharing/sharedstorage.php
	apps/files_sharing/templates/settings.php
	apps/files_versions/ajax/rollbackVersion.php
	apps/files_versions/versions.php
	apps/gallery/ajax/thumbnail.php
	apps/gallery/appinfo/app.php
	apps/gallery/appinfo/update.php
	apps/gallery/appinfo/version
	apps/gallery/css/styles.css
	apps/gallery/index.php
	apps/gallery/js/pictures.js
	apps/gallery/l10n/ca.php
	apps/gallery/l10n/cs_CZ.php
	apps/gallery/l10n/de.php
	apps/gallery/l10n/el.php
	apps/gallery/l10n/es.php
	apps/gallery/l10n/fi_FI.php
	apps/gallery/l10n/fr.php
	apps/gallery/l10n/it.php
	apps/gallery/l10n/pl.php
	apps/gallery/l10n/pt_PT.php
	apps/gallery/l10n/ru.php
	apps/gallery/l10n/sl.php
	apps/gallery/l10n/sv.php
	apps/gallery/l10n/th_TH.php
	apps/gallery/l10n/tr.php
	apps/gallery/l10n/zh_CN.php
	apps/gallery/lib/album.php
	apps/gallery/lib/hooks_handlers.php
	apps/gallery/lib/managers.php
	apps/gallery/lib/photo.php
	apps/gallery/lib/tiles.php
	apps/gallery/lib/tiles_test.php
	apps/gallery/templates/index.php
	apps/media/lib_ampache.php
	apps/media/lib_collection.php
	apps/media/lib_media.php
	apps/remoteStorage/lib_remoteStorage.php
	apps/tasks/ajax/addtaskform.php
	apps/tasks/ajax/edittask.php
	apps/user_ldap/appinfo/update.php
	apps/user_ldap/group_ldap.php
	apps/user_ldap/lib_ldap.php
	apps/user_ldap/settings.php
	apps/user_ldap/templates/settings.php
	apps/user_ldap/user_ldap.php
	apps/user_migrate/appinfo/app.php
	apps/user_migrate/templates/settings.php
	apps/user_webfinger/host-meta.php
	config/config.sample.php
	core/js/js.js
	core/l10n/da.php
	core/l10n/de.php
	core/l10n/fi_FI.php
	core/l10n/gl.php
	core/l10n/he.php
	core/l10n/hr.php
	core/l10n/id.php
	core/l10n/ja_JP.php
	core/l10n/lb.php
	core/l10n/lt_LT.php
	core/l10n/nb_NO.php
	core/l10n/pl.php
	core/l10n/pt_PT.php
	core/l10n/ro.php
	core/l10n/ru.php
	core/l10n/sv.php
	core/lostpassword/index.php
	core/templates/layout.user.php
	core/templates/login.php
	db_structure.xml
	index.php
	l10n/af/calendar.po
	l10n/af/contacts.po
	l10n/af/core.po
	l10n/af/files.po
	l10n/af/settings.po
	l10n/ar/calendar.po
	l10n/ar/contacts.po
	l10n/ar/core.po
	l10n/ar/files.po
	l10n/ar/media.po
	l10n/ar/settings.po
	l10n/bg_BG/calendar.po
	l10n/bg_BG/contacts.po
	l10n/bg_BG/core.po
	l10n/bg_BG/files.po
	l10n/bg_BG/media.po
	l10n/bg_BG/settings.po
	l10n/ca/calendar.po
	l10n/ca/contacts.po
	l10n/ca/core.po
	l10n/ca/files.po
	l10n/ca/gallery.po
	l10n/ca/settings.po
	l10n/cs_CZ/calendar.po
	l10n/cs_CZ/contacts.po
	l10n/cs_CZ/core.po
	l10n/cs_CZ/files.po
	l10n/cs_CZ/gallery.po
	l10n/cs_CZ/settings.po
	l10n/da/calendar.po
	l10n/da/contacts.po
	l10n/da/core.po
	l10n/da/files.po
	l10n/da/settings.po
	l10n/de/calendar.po
	l10n/de/contacts.po
	l10n/de/core.po
	l10n/de/files.po
	l10n/de/gallery.po
	l10n/de/settings.po
	l10n/el/calendar.po
	l10n/el/contacts.po
	l10n/el/core.po
	l10n/el/files.po
	l10n/el/gallery.po
	l10n/el/settings.po
	l10n/eo/calendar.po
	l10n/eo/contacts.po
	l10n/eo/core.po
	l10n/eo/files.po
	l10n/eo/media.po
	l10n/eo/settings.po
	l10n/es/calendar.po
	l10n/es/contacts.po
	l10n/es/core.po
	l10n/es/files.po
	l10n/es/gallery.po
	l10n/es/settings.po
	l10n/et_EE/calendar.po
	l10n/et_EE/contacts.po
	l10n/et_EE/core.po
	l10n/et_EE/files.po
	l10n/et_EE/settings.po
	l10n/eu/calendar.po
	l10n/eu/contacts.po
	l10n/eu/core.po
	l10n/eu/files.po
	l10n/eu/settings.po
	l10n/fa/calendar.po
	l10n/fa/contacts.po
	l10n/fa/core.po
	l10n/fa/files.po
	l10n/fa/settings.po
	l10n/fi_FI/calendar.po
	l10n/fi_FI/contacts.po
	l10n/fi_FI/core.po
	l10n/fi_FI/files.po
	l10n/fi_FI/gallery.po
	l10n/fi_FI/settings.po
	l10n/fr/calendar.po
	l10n/fr/contacts.po
	l10n/fr/core.po
	l10n/fr/files.po
	l10n/fr/gallery.po
	l10n/fr/media.po
	l10n/fr/settings.po
	l10n/gl/calendar.po
	l10n/gl/contacts.po
	l10n/gl/core.po
	l10n/gl/files.po
	l10n/gl/settings.po
	l10n/he/calendar.po
	l10n/he/contacts.po
	l10n/he/core.po
	l10n/he/files.po
	l10n/he/settings.po
	l10n/hr/calendar.po
	l10n/hr/contacts.po
	l10n/hr/core.po
	l10n/hr/files.po
	l10n/hr/settings.po
	l10n/hu_HU/calendar.po
	l10n/hu_HU/contacts.po
	l10n/hu_HU/core.po
	l10n/hu_HU/files.po
	l10n/hu_HU/settings.po
	l10n/hy/calendar.po
	l10n/hy/contacts.po
	l10n/hy/core.po
	l10n/hy/files.po
	l10n/hy/settings.po
	l10n/ia/calendar.po
	l10n/ia/contacts.po
	l10n/ia/core.po
	l10n/ia/files.po
	l10n/ia/settings.po
	l10n/id/calendar.po
	l10n/id/contacts.po
	l10n/id/core.po
	l10n/id/files.po
	l10n/id/settings.po
	l10n/it/calendar.po
	l10n/it/contacts.po
	l10n/it/core.po
	l10n/it/files.po
	l10n/it/gallery.po
	l10n/it/settings.po
	l10n/ja_JP/calendar.po
	l10n/ja_JP/contacts.po
	l10n/ja_JP/core.po
	l10n/ja_JP/files.po
	l10n/ja_JP/settings.po
	l10n/ko/calendar.po
	l10n/ko/contacts.po
	l10n/ko/core.po
	l10n/ko/files.po
	l10n/ko/settings.po
	l10n/lb/calendar.po
	l10n/lb/contacts.po
	l10n/lb/core.po
	l10n/lb/files.po
	l10n/lb/settings.po
	l10n/lt_LT/calendar.po
	l10n/lt_LT/contacts.po
	l10n/lt_LT/core.po
	l10n/lt_LT/files.po
	l10n/lt_LT/settings.po
	l10n/mk/calendar.po
	l10n/mk/contacts.po
	l10n/mk/core.po
	l10n/mk/files.po
	l10n/mk/settings.po
	l10n/ms_MY/calendar.po
	l10n/ms_MY/contacts.po
	l10n/ms_MY/core.po
	l10n/ms_MY/files.po
	l10n/ms_MY/settings.po
	l10n/nb_NO/calendar.po
	l10n/nb_NO/contacts.po
	l10n/nb_NO/core.po
	l10n/nb_NO/files.po
	l10n/nb_NO/settings.po
	l10n/nl/calendar.po
	l10n/nl/contacts.po
	l10n/nl/core.po
	l10n/nl/files.po
	l10n/nl/settings.po
	l10n/nn_NO/calendar.po
	l10n/nn_NO/contacts.po
	l10n/nn_NO/core.po
	l10n/nn_NO/files.po
	l10n/nn_NO/settings.po
	l10n/pl/calendar.po
	l10n/pl/contacts.po
	l10n/pl/core.po
	l10n/pl/files.po
	l10n/pl/gallery.po
	l10n/pl/settings.po
	l10n/pt_BR/calendar.po
	l10n/pt_BR/contacts.po
	l10n/pt_BR/core.po
	l10n/pt_BR/files.po
	l10n/pt_BR/settings.po
	l10n/pt_PT/calendar.po
	l10n/pt_PT/contacts.po
	l10n/pt_PT/core.po
	l10n/pt_PT/files.po
	l10n/pt_PT/gallery.po
	l10n/pt_PT/settings.po
	l10n/ro/calendar.po
	l10n/ro/contacts.po
	l10n/ro/core.po
	l10n/ro/files.po
	l10n/ro/settings.po
	l10n/ru/calendar.po
	l10n/ru/contacts.po
	l10n/ru/core.po
	l10n/ru/files.po
	l10n/ru/gallery.po
	l10n/ru/settings.po
	l10n/sk_SK/calendar.po
	l10n/sk_SK/contacts.po
	l10n/sk_SK/core.po
	l10n/sk_SK/files.po
	l10n/sk_SK/settings.po
	l10n/sl/calendar.po
	l10n/sl/contacts.po
	l10n/sl/core.po
	l10n/sl/files.po
	l10n/sl/gallery.po
	l10n/sl/settings.po
	l10n/sr/calendar.po
	l10n/sr/contacts.po
	l10n/sr/core.po
	l10n/sr/files.po
	l10n/sr/settings.po
	l10n/sr@latin/calendar.po
	l10n/sr@latin/contacts.po
	l10n/sr@latin/core.po
	l10n/sr@latin/files.po
	l10n/sr@latin/settings.po
	l10n/sv/calendar.po
	l10n/sv/contacts.po
	l10n/sv/core.po
	l10n/sv/files.po
	l10n/sv/gallery.po
	l10n/sv/media.po
	l10n/sv/settings.po
	l10n/templates/bookmarks.pot
	l10n/templates/calendar.pot
	l10n/templates/contacts.pot
	l10n/templates/core.pot
	l10n/templates/files.pot
	l10n/templates/gallery.pot
	l10n/templates/media.pot
	l10n/templates/settings.pot
	l10n/th_TH/calendar.po
	l10n/th_TH/contacts.po
	l10n/th_TH/core.po
	l10n/th_TH/files.po
	l10n/th_TH/gallery.po
	l10n/th_TH/settings.po
	l10n/tr/calendar.po
	l10n/tr/contacts.po
	l10n/tr/core.po
	l10n/tr/files.po
	l10n/tr/gallery.po
	l10n/tr/settings.po
	l10n/uk/calendar.po
	l10n/uk/contacts.po
	l10n/uk/core.po
	l10n/uk/files.po
	l10n/uk/media.po
	l10n/uk/settings.po
	l10n/zh_CN/calendar.po
	l10n/zh_CN/contacts.po
	l10n/zh_CN/core.po
	l10n/zh_CN/files.po
	l10n/zh_CN/gallery.po
	l10n/zh_CN/settings.po
	l10n/zh_TW/calendar.po
	l10n/zh_TW/contacts.po
	l10n/zh_TW/core.po
	l10n/zh_TW/files.po
	l10n/zh_TW/settings.po
	lib/app.php
	lib/base.php
	lib/connector/sabre/file.php
	lib/connector/sabre/locks.php
	lib/connector/sabre/node.php
	lib/db.php
	lib/filecache.php
	lib/fileproxy/quota.php
	lib/files.php
	lib/filestorage/local.php
	lib/filesystemview.php
	lib/group/database.php
	lib/helper.php
	lib/installer.php
	lib/json.php
	lib/l10n.php
	lib/migrate.php
	lib/mimetypes.fixlist.php
	lib/ocs.php
	lib/preferences.php
	lib/public/json.php
	lib/public/util.php
	lib/template.php
	lib/user.php
	lib/user/database.php
	lib/util.php
	lib/vcategories.php
	ocs/providers.php
	settings/admin.php
	settings/ajax/lostpassword.php
	settings/ajax/removeuser.php
	settings/ajax/setbackgroundjobsmode.php
	settings/ajax/setlanguage.php
	settings/ajax/setquota.php
	settings/ajax/togglegroups.php
	settings/apps.php
	settings/css/settings.css
	settings/js/apps.js
	settings/js/users.js
	settings/l10n/bg_BG.php
	settings/l10n/ca.php
	settings/l10n/cs_CZ.php
	settings/l10n/da.php
	settings/l10n/de.php
	settings/l10n/el.php
	settings/l10n/eo.php
	settings/l10n/es.php
	settings/l10n/et_EE.php
	settings/l10n/eu.php
	settings/l10n/fa.php
	settings/l10n/fi_FI.php
	settings/l10n/fr.php
	settings/l10n/gl.php
	settings/l10n/he.php
	settings/l10n/hr.php
	settings/l10n/hu_HU.php
	settings/l10n/it.php
	settings/l10n/ja_JP.php
	settings/l10n/ko.php
	settings/l10n/lt_LT.php
	settings/l10n/mk.php
	settings/l10n/ms_MY.php
	settings/l10n/nb_NO.php
	settings/l10n/nl.php
	settings/l10n/nn_NO.php
	settings/l10n/pl.php
	settings/l10n/pt_BR.php
	settings/l10n/pt_PT.php
	settings/l10n/ru.php
	settings/l10n/sk_SK.php
	settings/l10n/sl.php
	settings/l10n/sv.php
	settings/l10n/th_TH.php
	settings/l10n/tr.php
	settings/l10n/zh_CN.php
	settings/personal.php
	settings/templates/admin.php
	settings/templates/users.php
2012-08-25 00:05:07 +02:00
Lukas Reschke
360c22fd28 Validate cookie to prevent auth bypasses. 2012-08-24 14:58:48 +02:00
Bart Visscher
5e7086adc9 Move login handling to OC class 2012-08-10 12:17:13 +02:00
Bart Visscher
1823dafe44 Remove checks before displaying login page
At that point the checks are already done before
2012-08-10 12:09:19 +02:00
Bart Visscher
667cd318fe Use OC_Util::displayLoginPage and cleanup the function 2012-08-10 11:43:04 +02:00
Bart Visscher
3387454094 Move login code from index.php to OC class 2012-08-08 22:42:51 +02:00
Bart Visscher
9156fb73fd Move handling request of index.php to OC class 2012-08-08 22:42:50 +02:00
Bjoern Schiessle
902c649dad use new sanitize HTML function backported
Conflicts:

	lib/template.php
2012-06-20 16:59:51 +02:00
Bjoern Schiessle
089ae980c4 use new sanitize HTML function 2012-06-19 17:24:55 +02:00
Bart Visscher
79f9d61ec8 Allow apps to load before login, needed for user_openid 2012-06-18 15:40:48 +02:00
Bjoern Schiessle
0074062b53 fixed xss vulnerability 2012-06-15 16:16:00 +02:00
Bjoern Schiessle
3ddaedee3b fixed xss vulnerability 2012-06-15 15:51:06 +02:00
Thomas Tanghus
f589df7366 Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874 2012-06-13 18:31:36 +02:00
Thomas Tanghus
4f6978c30f Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874 2012-06-11 15:22:58 +02:00
Robin Appelman
ba1dec64c1 load all apps when loging in, needed for apps listening to login hooks 2012-06-09 15:58:30 +02:00
Robin Appelman
ec55eaef5b dont load apps when displaying the login page
and only load authentication apps during login
2012-06-09 15:28:57 +02:00
Frank Karlitschek
a945fa10a6 update copyright 2012-05-26 19:14:24 +02:00
Michael Gapczynski
90cbc32c77 Fix redirect after login, prevent open redirects 2012-05-18 16:56:48 -04:00
Michiel de Jong
1a874b4c56 make redirect safe by restricting it to current host 2012-05-18 15:32:41 +02:00
Michiel de Jong
9b5e8a2c63 fix redirect to desired page after login 2012-05-18 15:11:01 +02:00
Georg Ehrke
b35c6b57a9 allow loading of css files even if a user isn't logged in 2012-05-17 21:56:33 +02:00
Georg Ehrke
232788396d some changes for login 2012-05-11 16:43:45 +02:00
Michael Gapczynski
051442bc76 Sanitize redirect urls 2012-05-08 17:41:50 -04:00
Bart Visscher
4dbc2093c6 Create a function for linking to remote.php 2012-05-07 21:47:14 +02:00
Georg Ehrke
e33b12a375 fix path of webdav 2012-05-07 12:07:39 +02:00
Frank Karlitschek
d2b0de614e fix an XSS bug 2012-05-06 23:06:38 +02:00
Georg Ehrke
da03d05700 create folder 'remote' for the remote services like caldav, carddav and webdav 2012-05-02 16:41:23 +02:00
Georg Ehrke
657d02371c fix login 2012-04-27 14:55:26 +02:00
Georg Ehrke
993d655aad Merge branch 'master' into movable_apps_2 2012-04-27 10:30:50 +02:00
Frank Karlitschek
74b5e22a68 some more csrf fixes 2012-04-26 23:17:46 +02:00
Georg Ehrke
3f64eb25ab some fixes fore movable apps 2012-04-26 14:52:55 +02:00
Georg Ehrke
2e85313701 optimize code 2012-04-19 22:26:36 +02:00
Georg Ehrke
85019887df add loading of files 2012-04-19 16:44:49 +02:00
Georg Ehrke
3e0e6e35f4 open app thru index.php 2012-04-18 08:20:51 +02:00
Arthur Schiwon
30d524b426 load apps before logout so that logout-hook works 2012-02-20 11:21:46 +01:00
Bart Visscher
f47444e1f7 Use separate function to make absolute urls 2012-02-17 22:07:14 +01:00
Thomas Tanghus
f3e8776dc6 Merge git://gitorious.org/owncloud/owncloud into tanghus_remote_backup 2011-12-16 17:43:06 +01:00
Robin Appelman
a862fec9a3 make remember login token also dependent on password to protect against some brute force attacks on this token 2011-12-14 13:26:34 +01:00
Thomas Olsen
21d613cbc6 Added export.php for contacts app. Works the same way as the one in the calendar app, except there is no UI for it.
Fixed indentation in /index.php
2011-12-01 02:02:45 +01:00