Commit graph

26872 commits

Author SHA1 Message Date
Thomas Müller
2fc19635f6 Merge pull request #19014 from owncloud/dont-add-requestheaders-for-cross-domain-requests
Add security hardenings to $.ajax()
2015-09-16 00:16:31 +02:00
Thomas Müller
d1f7087b6c Merge pull request #18979 from owncloud/sidebare-preview-fixes
Sidebare preview fixes
2015-09-16 00:12:25 +02:00
Thomas Müller
f6f7d8cf94 Merge pull request #18938 from owncloud/occ_decrypt_all2
occ script to disable encryption and to decrypt all files again
2015-09-16 00:11:41 +02:00
Thomas Müller
ac1239220d Merge pull request #19052 from owncloud/revert-14856-remote_avatars
Revert "Allow Remote avatars"
2015-09-16 00:10:00 +02:00
Bjoern Schiessle
9bd4f2d41e occ script to disable encryption and to decrypt all files again 2015-09-15 22:39:44 +02:00
Lukas Reschke
230029e509 Merge pull request #18368 from owncloud/version-retention
Add versions obligation
2015-09-15 19:32:07 +02:00
Lukas Reschke
82c2e0df7c Merge branch 'master' into version-retention 2015-09-15 19:29:06 +02:00
Robin Appelman
9883d5b85d Merge pull request #18915 from owncloud/node-getfoldercontents-use-view-logic
Use the view logic for getFolderContent for the node api
2015-09-15 18:04:01 +02:00
Robin Appelman
e545c2eec5 Merge pull request #17811 from owncloud/dav-lock-wide
Wrap the entire dav PUT in a read lock
2015-09-15 17:22:00 +02:00
Jan-Christoph Borchardt
accebae356 fix filename display in sidebar, fix #18981 2015-09-15 17:03:46 +02:00
Thomas Müller
ae9ea244f2 Merge pull request #19043 from owncloud/fix-php-doc-of-encrypt-all
Function does return void
2015-09-15 17:03:34 +02:00
Thomas Müller
a446b43bcc Revert "Allow Remote avatars" 2015-09-15 16:52:12 +02:00
Victor Dubiniuk
cb529acc5c Follow PSR 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
d57f3bf9cc Update options description 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
c3dc5b0317 Add method docblock 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
f46b434a12 Namespacing, reusing 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
c3e055549e Improvements 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
b95d1e6683 Add quota status to expiration check 2015-09-15 17:08:54 +03:00
Victor Dubiniuk
7ef937d8ad Add versions obligation 2015-09-15 17:08:54 +03:00
Robin Appelman
8767c2b3be fix small mimetype icons 2015-09-15 15:40:42 +02:00
Frank Karlitschek
650e600b94 Merge pull request #18273 from owncloud/files-sidebar-toggle
Keep right sidebar open, add Details action
2015-09-15 14:45:34 +02:00
Robin Appelman
72cfeaf157 recognize eps, psd and illustrator as image 2015-09-15 14:32:07 +02:00
Robin Appelman
98966329bf crop to the center for landscape images 2015-09-15 14:32:07 +02:00
Robin Appelman
a734606649 Various thumbnail fixes
- Show square images as portrait
- Set max height based on sidebar width
- cleanup
2015-09-15 14:32:07 +02:00
Robin Appelman
19e1d35373 Fix path for fileinfomodel in subdirectories 2015-09-15 14:29:37 +02:00
Robin Appelman
1c792b9f43 normal margins for portrait previews 2015-09-15 14:29:37 +02:00
Thomas Müller
decdaf0018 Merge pull request #19024 from owncloud/remove-get_temp_dir
Remove get_temp_dir()
2015-09-15 14:18:29 +02:00
Thomas Müller
474f13c9d6 Merge pull request #19041 from owncloud/issue-19007-parameter-name
Fix parameter name to match the specs
2015-09-15 14:15:46 +02:00
Lukas Reschke
2f4a1c9c2c Merge branch 'master' into dont-add-requestheaders-for-cross-domain-requests 2015-09-15 14:04:40 +02:00
Lukas Reschke
7953cc9494 Function does return void
This function does return void and not a bool.
2015-09-15 14:02:10 +02:00
Thomas Müller
e82a225d04 Merge pull request #18964 from owncloud/availability-integer
Use integer for availability instead of bool
2015-09-15 13:24:55 +02:00
Thomas Müller
b6fe5b6f3c Merge pull request #19039 from owncloud/setup-autoloader-earlier
Define allowed app roots earlier
2015-09-15 13:24:35 +02:00
Joas Schilling
665716095b Fix parameter name to match the specs 2015-09-15 12:14:14 +02:00
Lukas Reschke
8e1b403b16 Catch apps which have been removed manually 2015-09-15 12:10:23 +02:00
Lukas Reschke
4680691ca6 Define allowed app roots earlier
The autoloader needs to be run before including the app.php, otherwise it depends on what app gets executed first and apps that rely on the dependency of other apps in app.php may break.
2015-09-15 12:10:23 +02:00
Thomas Müller
1d315512ea Merge pull request #19029 from owncloud/allow-tests-folder-in-autoloader
Allow /tests folder in autoloader by default
2015-09-15 12:06:45 +02:00
Lukas Reschke
f2d63d3518 Disable automatic evaluation of responses
If a response to a $.ajax() request returns a content type of "application/javascript"
JQuery would previously execute the response body. This is a pretty unexpected
behaviour and can result in a bypass of our Content-Security-Policy as well as
multiple unexpected XSS vectors.
2015-09-15 11:42:13 +02:00
Lukas Reschke
cd90685af1 Do not add sensitive request headers for cross domain requests
Prevents leaking the CSRF token to another third-party domain by mistake.
2015-09-15 11:42:13 +02:00
Robin McCorkell
f8619870ea Remove get_temp_dir() 2015-09-15 11:33:25 +02:00
Lukas Reschke
65ebba44ce Allow /tests folder in autoloader by default
Given the fact that "/tests" is not shipped by default and this has broken some applications and frustrated quite some people we should add "/tests" to the default allowed autoloading set.

I do consider the security impact marginally since the /tests folder is not shipped within the release as well as usually has a hard requirement on being called by phpunit.
2015-09-15 11:32:07 +02:00
Robin McCorkell
5ca690e2f8 Use integer for availability instead of bool 2015-09-15 10:18:32 +02:00
Jenkins for ownCloud
24d2cbf3de [tx-robot] updated from transifex 2015-09-15 01:54:50 -04:00
Vincent Petry
d0cea82969 Fixed sidebar toggle entry
Properly highlight the row after selecting the item.
This also fixes the unit tests by changing the order of registration of
file actions.
2015-09-14 20:45:30 +02:00
Vincent Petry
8a6574e81a Keep right sidebar open, add Details action 2015-09-14 20:45:30 +02:00
Robin Appelman
688981b55c allow hook cancel 2015-09-14 20:35:33 +02:00
Robin Appelman
9202d2f45a fix chunking tests 2015-09-14 20:35:33 +02:00
Robin Appelman
75f126da49 use the correct path for cache updates when doing chunked assembly 2015-09-14 20:35:33 +02:00
Robin Appelman
80f054ddd3 also verify cache in dav upload tests 2015-09-14 20:35:33 +02:00
Robin Appelman
6386327150 work directly on storages when doing a chunked upload assembly 2015-09-14 20:35:33 +02:00
Robin Appelman
b424151459 handle notfound exceptions in lock plugin 2015-09-14 20:35:33 +02:00