Commit graph

12 commits

Author SHA1 Message Date
Lukas Reschke
abdbf10ebc Do not print exception message
In case of an error the error message often contains sensitive data such as the full path which potentially leads to a full path disclosure.

Thus the error message should not directly get displayed to the user and instead be logged.
2015-10-13 14:12:10 +02:00
Lukas Reschke
db4cb1dd4d Expire token after 12h and if user logged-in again
As an hardening measure we should expire password reset tokens after 12h and if the user has logged-in again successfully after the token was requested.
2015-08-22 20:42:45 +02:00
Roeland Jago Douma
65cf4028cc Move avatarcontroller towards Node Api 2015-08-18 14:48:19 +02:00
Morris Jobke
f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Thomas Müller
00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Jenkins for ownCloud
b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Lukas Reschke
283476a2f7 Use new IMailer and add unit-tests for lostcontroller 2015-03-16 12:47:05 +01:00
Roeland Jago Douma
1a0f9c375b Avatar controller moved to AppFrameWork
* Original avatarcontroller migrated to the appframework
* Added DataDisplayResponse that show data inline in the browser (used
  to retrun the image)
* Removed some unneeded code
* Added unit tests for the avatarcontroller
2015-03-11 16:37:42 +01:00
Morris Jobke
06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke
1b50d4f7ce Warn for password reset when files_encryption is enabled
This patch wil warn the user of the consequences when resetting the password and requires checking a checkbox (as we had in the past) to reset a password.

Furthermore I updated the code to use our new classes and added some unit tests for it 👯

Fixes https://github.com/owncloud/core/issues/11438
2014-11-17 17:50:19 +01:00
Lukas Reschke
f33312f767 Use AppFramework instead of custom controller 2014-08-25 11:50:19 +02:00
Renamed from core/lostpassword/application.php (Browse further)