Commit graph

375 commits

Author SHA1 Message Date
Lukas Reschke
bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Lukas Reschke
92b5517229 Use custom attribute instead of the div identifier
Otherwise problems arrive when a username contains characters such as an `@`

Fixes https://github.com/owncloud/user_shibboleth/issues/38
2015-02-27 17:38:59 +01:00
Lukas Reschke
27c1409be5 Encode parameters in OC.generateUrl by itself
This function is often used in a wrong and potential dangerous way... Thus we should escape the URL per default and offer developers to disable the automatic escaping via an option parameter if they really want that behaviour.

Might break some things, however, those things are then easy to fix and we really have a ton of bugs caused by this...

Fixes https://github.com/owncloud/core/issues/14228
2015-02-17 14:41:06 +01:00
Vincent Petry
e8f16db49d Merge pull request #13866 from rullzer/avatar_share_dialog
Avatars in share dialog
2015-02-17 10:17:36 +01:00
Roeland Jago Douma
9a6da8e6e2 Extended avatar unit tests 2015-02-13 12:57:24 +01:00
Roeland Jago Douma
ecb7d44775 Small unit test rewrite 2015-02-12 17:05:59 +01:00
Roeland Jago Douma
e952687dcd Added unit test 2015-02-12 16:50:14 +01:00
Thomas Müller
ccc1f09627 generate valid human readable text for 0 - fixed #9342 2015-01-29 17:27:28 +01:00
Joas Schilling
3f8e850dc6 Indicate that the share owner is remote in the filelist 2015-01-27 12:32:32 +01:00
Vincent Petry
c897a14d56 Fix reshare permission issue
The actual share permissions sent to the server on reshare are now based
on possiblePermissions + permissions inherited from parent share
2015-01-09 15:19:53 +01:00
Morris Jobke
8e1904386f Add timeout for notifications
* options for timeout in seconds and if it contains HTML
* if timeout is 0 it will show the message permanently
* removes the notification after a given (default: 5 seconds) timeframe
* based on work by @brantje
* provide JS unit tests for notifications
2015-01-08 13:06:45 +01:00
Morris Jobke
bfdf0db7c0 Autoescape of placeholders in t() and p() - for JS
* add disableEscape parameter to disable this functionality
* drop usage of escapeHTML() that is now done inside t()
* add unit test for escaped and not escaped placeholder
* proper JSDoc
2015-01-07 12:56:32 +01:00
Morris Jobke
29e1c3a898 Merge pull request #12795 from owncloud/files-layoutchanges
Move file thumbnail element into the label tag
2014-12-13 09:00:43 +01:00
Robin Appelman
3bf0922b13 Merge pull request #12527 from owncloud/js-pluginsystem
Simple Plugin system for Javascript
2014-12-12 11:43:31 +01:00
Vincent Petry
81e9d43e23 Move file thumbnail into the label element 2014-12-11 18:21:25 +01:00
Joas Schilling
539c0aeb04 Add an option to disallow sending sharing emails to non-owncloud users
Fix #10836
2014-12-09 11:32:39 +01:00
Vincent Petry
c02ef69521 Simple Plugin system for Javascript 2014-12-01 16:20:44 +01:00
Vincent Petry
ffe57d89e4 Fix l10n promises 2014-11-19 17:02:17 +01:00
Vincent Petry
152da9796b Added function to load translations from JS
For apps that support async translation loading, a new function
OC.L10N.load() can be used to asynchronously load the translations
for a given app.
2014-11-18 12:20:01 +01:00
Vincent Petry
ec1a73fab9 Added OC.L10N namespace with translation functions
Added addTranslations and fixed de.js file

Fixed de.js to use OC.L10N.register() and use to correct expected
format.

Added JS unit tests for OC.L10N class

Include translations JS script for all apps
2014-10-29 10:09:12 +01:00
Lukas Reschke
d2743e6ad6 Merge pull request #7254 from owncloud/core-sortalgo
Fixed JS sort comparator to be consistent between JS and PHP
2014-09-16 17:29:03 +02:00
Thomas Müller
fd92fc7c47 Merge pull request #9753 from owncloud/filepath-css
Remove special case for css in OC.filePath
2014-09-09 13:59:19 +02:00
Lukas Reschke
e3c99a8505 Add beforeeach and aftereach 2014-09-09 13:08:50 +02:00
Lukas Reschke
cabd70148f Add unittest for filePath 2014-09-09 12:05:19 +02:00
kondou
2a4c51389c Use a route instead of s.php and convert tokens asap 2014-09-04 15:23:55 +02:00
Clark Tomlinson
ba0e65753b Init vars with a value if none is provided 2014-08-28 13:53:45 -04:00
Vincent Petry
98d06094e7 Fix share dropdown when links are not allowed
When links are not allowed, the email field does not exist and
autocomplete returns null. This causes Javascript errors.

The fix prevents entering the bogus block when links aren't allowed, as
it doesn't make sense to enter it in such cases anyway.
2014-08-21 13:49:02 +02:00
Vincent Petry
607ea636be Fixed folder icon update routine when share owner exists
Whenever a folder has a "data-share-owner" attribute, the icon is now
properly updated to a shared folder icon.
2014-08-15 16:19:50 +02:00
Vincent Petry
f2001a48a4 Fixed sort algo for additional cases 2014-08-11 13:28:53 +02:00
Vincent Petry
173059f6d0 Fixed file list sorting
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)

- added OC.Util.naturalSortComparator that uses the same algo that was
  used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
  String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
2014-08-11 13:28:53 +02:00
Bjoern Schiessle
76ab097ee2 update unit test, min date should be always today + 1 2014-08-08 13:58:56 +02:00
Vincent Petry
4fea521102 Fix enforced share expiration date to be based on share time 2014-07-21 15:01:20 +02:00
Thomas Müller
7159d6118e reduce share action text to the user name only 2014-07-14 21:11:50 +02:00
Vincent Petry
5e4835f9e9 Improved remote share owner display
The parts of the remote share owner name is now split between user name,
domain name and root so they can be formatted / displayed differently.

The user name + domain name are displayed in the tooltip.
2014-07-03 14:15:25 +02:00
Vincent Petry
d9d816bd98 Unit tests for share dropdown with nested link share 2014-06-27 18:21:02 +02:00
Vincent Petry
a7e7e86df0 Test runner now loads CSS and hides testArea
- serve CSS and font files properly to make sure that measurements are
  correct for the tests that need them (breadcrumb)
- added opacity to testArea to make sure nothing is visible during
  testing
2014-06-24 16:32:18 +02:00
Vincent Petry
6a0f5cfc61 Added unit tests for heartbeat interval min/max values 2014-06-12 18:42:09 +02:00
Vincent Petry
d764aaa427 Fixed Snap mock
Also fixed JSHint errors
2014-06-06 09:55:32 +02:00
Jan-Christoph Borchardt
96278e0201 close sidebar when switching navigation entry, except on add or change settings 2014-06-05 17:06:21 +02:00
Thomas Müller
1c20c72efe Merge pull request #8620 from owncloud/design-navigation-two
Toggle app navigation not only on mobile, but on desktop as well
2014-06-05 10:53:22 +02:00
Morris Jobke
e186871996 fix unit test template 2014-06-05 09:46:19 +02:00
Morris Jobke
e3cbcadbd8 fix first failing test 2014-06-05 00:40:15 +02:00
Morris Jobke
ca43fba513 Merge pull request #8791 from owncloud/share-overview-sharewithstatus
Update share action text to display owner/recipients
2014-06-04 17:04:30 +02:00
Vincent Petry
52d9e313d1 Remove obsoleted code to trigger navigation menu
Now that the navigation menu is always togglable, the media query
dependent code can be removed.
2014-06-04 14:38:24 +02:00
Vincent Petry
07f1b263c9 Use recipient display names when updating shares in the UI
Since OC.Share didn't have any array containing the list of shares for
the current file, OC.Share.currentShares has been introduced to contain
the full share item structure instead of the reduced one
OC.Share.itemShares.

The event "sharesChanged" is now passing OC.Share.currentShares, which
itself includes the display name to be displayed for the recipients in
the action icon.
2014-06-04 10:37:04 +02:00
Morris Jobke
5add56b6ca Merge pull request #7485 from owncloud/scrutinizer_fix_1_kondou
Scrutinizer cleanup
2014-06-03 07:44:52 +02:00
Frank Karlitschek
f12a5248a3 Merge pull request #8820 from owncloud/design-details
Design details
2014-06-02 21:26:43 +02:00
kondou
9bc3f3cf30 Scrutinizer cleanup 2014-06-02 21:09:41 +02:00
Morris Jobke
fbe42a771f fix unit tests after introduction of animations - adds delays for click trigger 2014-06-02 18:09:41 +02:00
Vincent Petry
0944565f60 More unit tests and fixes for share 2014-06-02 18:08:56 +02:00
Morris Jobke
dd8b7b7af8 Merge pull request #8613 from owncloud/filesize-alignment
Improve aligment of file size
2014-06-02 17:37:53 +02:00
Morris Jobke
5d457dafc1 display "<1 kB" for really small files
* added parameters for humanFileSize to trigger that behaviour
* add unit tests for that
2014-06-02 15:33:09 +02:00
Morris Jobke
27c8c87e94 Merge pull request #8187 from owncloud/escape-more-character
Also encode > and '
2014-06-02 10:59:47 +02:00
Lukas Reschke
603b6c13b4 Fix typo 2014-05-31 21:11:29 +02:00
Lukas Reschke
360a79b8f4 Add unit tests for escapeHTML 2014-05-28 22:14:05 +02:00
Vincent Petry
627eba5348 Added ground work for OC.Share unit tests 2014-05-13 11:15:06 +02:00
Vincent Petry
9f62059efa Fix file summary to use the whole file list
- moved the summary code into a new class FileSummary
- FileSummary is calculated only once, then updated with add/remove
- added new OC.Util namespace for JS utility functions
2014-04-28 14:49:39 +02:00
Vincent Petry
f84d66a24f Moved SVGSupport call to use OC.Util.SVGSupport() 2014-04-09 15:23:09 +02:00
Vincent Petry
a4eafca77f Moved code to replace svg with png to OC.Util
- Moved code that replaces the "svg" extension for the given file to
core as OC.Util.replaceSVGIcon.
- Added unit test for OC.Util.replaceSVGIcon
- Moved "replaceSVG" to OC.Util.replaceSVG and deprecated the global
"replaceSVG" function.
- Added alias for SVGSupport() as OC.Util.hasSVGSupport() (for now)
2014-04-04 11:34:26 +02:00
Vincent Petry
268206cec5 Fixed parseQueryString to handle empty values and plus signs
- now correctly parse query strings with '+' signs
- empty values are now parsed either as null or empty string
- added unit test for parseQueryString()
2014-04-01 23:02:34 +02:00
Vincent Petry
cc6c152984 Fixed matchMedia usage to make unit tests work in PhantomJS
PhantomJS has a bug that makes it impossible to properly stub
window.matchMedia. This fix adds a wrapper as OC._matchMedia
that is used for unit tests
2014-03-18 15:52:06 +01:00
Vincent Petry
fe04106e0f Add/remove main menu action when switching between desktop/mobile mode 2014-03-18 13:10:13 +01:00
Vincent Petry
536c33895f Merge pull request #7592 from owncloud/fixstoragefreespace
Fixed upload issue when free space is not known (ex: FTP)
2014-03-06 17:22:40 +01:00
Morris Jobke
5f0a22586f Merge pull request #7579 from owncloud/introduce-generateUrl-master
Introduce OC.generateUrl() in master
2014-03-06 15:07:28 +01:00
Vincent Petry
e129f6845b Added testArea for JS Unit tests
Added a testArea that is outside the viewport but still considered as
visible from the jQuery code.

The testArea is useful when:
- tested code tries to access DOM elements using global ids
- tested code is requiring some UI elements to be visible to activate
  themselves
2014-03-06 12:50:18 +01:00
Thomas Müller
b46517f012 adding js unit tests for OC.generateUrl() 2014-03-06 00:26:57 +01:00
Vincent Petry
6de370b64c Removed obsolete OC.Router stubs in specHelper 2014-03-05 10:27:15 +01:00
Thomas Müller
33b798c3d6 fixing js unit tests 2014-03-05 01:10:39 +01:00
Vincent Petry
80c61d480c Added oc_defaults stub in specHelper.js
This is needed for JS Unit tests to run properly as they are expecting
the new "oc_default" map to exist.
2014-02-24 09:45:02 +01:00
Vincent Petry
3d88b10f20 Merge pull request #7067 from owncloud/core-sessionheartbeatconfig
Core sessionheartbeatconfig
2014-02-05 10:03:36 +01:00
Thomas Müller
ced80c6f27 Merge pull request #6969 from owncloud/tests-morecoverage
Fixed unit test scripts + coverage
2014-02-04 12:21:13 -08:00
Vincent Petry
e75f7e58e9 Added unit tests for session_keepalive / heartbeat 2014-02-04 13:56:41 +01:00
Vincent Petry
63cca35baa Added core unit tests for basename and dirname
Note that it doesn't work 100% like the PHP functions so the tests
have TODO comments to fix those core functions eventually.
2014-01-30 13:22:16 +01:00
Vincent Petry
41b6d4b702 Added OC.buidQueryString() utility function
Makes it possible to create query strings by passing a JavaScript hash
map and automatically encodes the keys and values.
2014-01-24 12:44:31 +01:00
Vincent Petry
350214c609 Added Javascript unit tests
- added karma utility to run jasmine unit tests
- added Sinon library (for stubs/mocks/fakeserver)
- added a few unit tests for core and files
- added autotest-js.sh script
2014-01-16 17:12:29 +01:00