Lukas Reschke
a05b8b7953
Harden cookies more appropriate
...
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.
See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.
Fixes https://github.com/nextcloud/server/issues/1412
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 12:53:44 +01:00
Roeland Jago Douma
df215625f1
Merge pull request #1972 from nextcloud/invalid-files-from-scanner
...
Make sure we don't scan files that can not be accessed
2016-11-22 12:55:54 +01:00
Roeland Jago Douma
08ef7356f6
Merge pull request #2165 from nextcloud/sharing-activities-update
...
Move file sharing activities to the new API
2016-11-22 10:19:15 +01:00
Morris Jobke
a02d0975dd
Merge pull request #2154 from nextcloud/comments-activities-update
...
Move comments activities to the new API
2016-11-22 09:56:22 +01:00
Robin Appelman
cd24010fa4
Merge pull request #2214 from nextcloud/remove-logging
...
remove old logging section
2016-11-21 17:17:02 +01:00
Robin Appelman
efdef8f801
Merge pull request #2211 from nextcloud/maintenance-wsod
...
fix white screen of death in maintenance mode when theming is disabled
2016-11-21 14:00:41 +01:00
Morris Jobke
3d9077ae3a
Merge pull request #2212 from nextcloud/fix_web_installer
...
Do not trigger appconfig queries when we are not yet installed
2016-11-21 13:57:48 +01:00
Robin Appelman
c694bd3455
remove old logging section
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-21 13:46:31 +01:00
Roeland Jago Douma
9bc4ac367f
Do not trigger appconfig queries when we are not yet installed
...
Fixes #2209
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 13:13:53 +01:00
Robin Appelman
58685413d2
fix white screen of death in maintenance mode when theming is disabled
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-21 13:10:55 +01:00
Lukas Reschke
fb91bf6a5b
Add a signer class for signing
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
Lukas Reschke
6f4cb12be2
Add identity proof
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
Lukas Reschke
53c8391e96
Add private
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
Bjoern Schiessle
08e6541a88
fix unit tests
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:29:58 +01:00
Bjoern Schiessle
8f33d9d1c0
update system address book if the user change the personal settings
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:29:57 +01:00
Björn Schießle
40b99734d3
introduce accounts table and keep it up-to-date with the data added to the personal settings
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:29:41 +01:00
Joas Schilling
558f169671
Move the validation into one place only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-21 09:23:37 +01:00
Joas Schilling
4652d203e3
Make sure we don't scan files that can not be accessed
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-21 09:23:32 +01:00
Lukas Reschke
8ec2e34576
Merge pull request #1602 from nextcloud/ignore-mod-env
...
Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
2016-11-18 21:42:56 +01:00
Morris Jobke
46768e71d9
Merge pull request #2076 from nextcloud/log_preview_access
...
Dispatch event on preview request
2016-11-18 20:45:29 +01:00
Morris Jobke
332eaec4c0
Merge pull request #1447 from nextcloud/password-confirmation-for-some-actions
...
Password confirmation for some actions
2016-11-18 15:42:30 +01:00
Morris Jobke
faee255ff4
Merge pull request #840 from nextcloud/theming-icon-endpoint
...
Add dynamic icon creation
2016-11-18 15:35:34 +01:00
Lukas Reschke
cc500c2810
Merge pull request #2199 from nextcloud/readfile-close-handle
...
close the file handle after readfile
2016-11-18 14:58:03 +01:00
Robin Appelman
8b9ad46ba3
Merge pull request #768 from nextcloud/s3-objectstore
...
Add S3 objectstore backend
2016-11-18 14:55:07 +01:00
Robin Appelman
89d37575a3
close the file handle after readfile
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-18 12:19:49 +01:00
Joas Schilling
bb7787a157
Add the 15 seconds to the window, instead of removing
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
Joas Schilling
827b6a610e
Introduce PasswordConfirmRequired annotation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Joas Schilling
d75e35b75e
Introduce the UI for password confirmation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Morris Jobke
ccdf387041
Merge pull request #2184 from nextcloud/share-join-cache
...
Get the share root info directly when querying for shares
2016-11-18 11:33:33 +01:00
Julius Haertl
2e8dd21815
Improve caching
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:24 +01:00
Julius Haertl
237034818d
Check if dynamic icons can be used
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:24 +01:00
Julius Haertl
9ac5476c4e
Add cachebuster to favicons
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:23 +01:00
Julius Haertl
c7adcb85ae
Theming: Fix default parameters in icon routes
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:23 +01:00
Julius Haertl
2d65b8c600
Theming: Add favicon-touch and fix icon creation with non svg images
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:22 +01:00
Julius Haertl
da6285b84f
Core: load favicon from theming app
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-18 10:23:22 +01:00
Robin Appelman
5acbdf1e36
also work with group shares
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 23:30:50 +01:00
Morris Jobke
d3900fc0d5
Merge pull request #2177 from nextcloud/appmanager-getapppath
...
Expose getAppPath to public API
2016-11-17 22:39:34 +01:00
Julius Haertl
caacb6c261
Expose getAppPath to public API
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-17 19:24:24 +01:00
Robin Appelman
2f03fcab4a
let the share backend get the node cacheentry to save queries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 18:48:38 +01:00
Robin Appelman
14cdeafc3e
make source cache injectable in cache wrappers
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 18:48:38 +01:00
Robin Appelman
07e51a719a
Allow aliasing columns when using the query builder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 18:48:35 +01:00
Morris Jobke
02bfd91553
Merge pull request #2176 from nextcloud/share-cache-root-info
...
reuse the known rootinfo in the shared cache when possible
2016-11-17 18:47:39 +01:00
Morris Jobke
54ca411ff0
Merge pull request #2167 from nextcloud/mountmanager-lockdown
...
ensure we setup the mount manager when in lockdown
2016-11-17 16:56:55 +01:00
Robin Appelman
30e7c27d86
reuse the known rootinfo in the shared cache when possible
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 14:59:31 +01:00
Robin Appelman
73dfe1835a
use lower loglevel for token cleanup messages
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 10:42:12 +01:00
Joas Schilling
de983e61e3
Merge pull request #2170 from nextcloud/ocs_person_to_controller
...
OCS person to controller
2016-11-17 09:40:16 +01:00
Lukas Reschke
13610ad2d0
Merge pull request #2164 from nextcloud/token-login-wanring
...
fix warning with token login
2016-11-17 03:28:39 +01:00
Morris Jobke
8a02647e65
Merge pull request #2122 from nextcloud/downstream-26520
...
Hack to prevent warning for read-only wrapper in public links
2016-11-17 00:54:08 +01:00
Felix Epp
1614b310ef
Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
...
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.
Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-11-16 22:28:49 +01:00
Roeland Jago Douma
1baa2b8deb
Move OC\OCS\Person to OCSController
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 19:21:00 +01:00