Commit graph

68 commits

Author SHA1 Message Date
Thomas Müller
9f25745649 Fix single file download - fixes #19614 2015-10-07 13:15:58 +02:00
Thomas Müller
319e61f0ea Merge pull request #19407 from owncloud/lock-zip-content
Lock zip content
2015-10-06 11:47:43 +02:00
Morris Jobke
b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Thomas Müller
be46cd6737 Refactor single file download into it's own method 2015-10-05 17:47:15 +02:00
Thomas Müller
57f841da2c Recursively lock folder contents 2015-10-05 17:31:37 +02:00
Thomas Müller
3bf818450a release locks in case of exception 2015-10-05 16:53:57 +02:00
Thomas Müller
def8e0c12a log the exception during zip creation 2015-10-05 16:53:57 +02:00
Thomas Müller
b5dce05cb6 Lock files which are zipped 2015-10-05 16:53:57 +02:00
Victor Dubiniuk
027fb4e3fe More corrections 2015-09-28 11:46:54 +02:00
Victor Dubiniuk
28df7be319 Add namespace. Fix broken zip 2015-09-28 11:46:54 +02:00
Victor Dubiniuk
e3b95e8473 Introduce streamer 2015-09-28 11:46:53 +02:00
Nicolai Ehemann
6c6be72e6b use zipstreamer via composer 2015-09-14 15:33:28 +02:00
Nicolai Ehemann
be2023dae3 lib/private/files.php: adapted to minimally changed ZipStreamer API 2015-09-14 12:57:50 +02:00
Lukas Reschke
84797023ed Remove XSendFile support
Required to ensure proper locking
2015-09-07 16:52:50 +02:00
Robin McCorkell
aac84f732d Unit test OC_Files::setUploadLimit()
There was also a bug with checking the upper limit on the passed upload
size. PHP does funny things with integer vs float comparisons, so our
check didn't work. Now the check is much simpler, and ensures the value
is sane.
2015-07-20 15:03:09 +01:00
Robin McCorkell
d3bcafe618 Update .user.ini when setting upload size limit 2015-07-20 12:52:43 +01:00
Thomas Müller
d3ac73c0c9 Remove OC_Log 2015-07-03 18:00:16 +02:00
Lukas Reschke
d1f0ff372e Merge pull request #17163 from owncloud/update-licenses
Update license headers
2015-06-27 20:22:23 +02:00
Morris Jobke
f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Thomas Müller
c74c8eff3a Enable x-sendfile only if we do not lock the file system 2015-06-22 12:07:53 +02:00
Vincent Petry
a9bca9e3aa Lock file before download
This will throw a LockedException if a concurrent request is currently
touching that file.
2015-06-18 12:05:26 +02:00
Lukas Reschke
8ce3d6ea57 End processing when file is not found
We have to end the processing when a file is not found or otherwise the method is proceeding and even sending invalid file paths to the sendfile methods.

Due to nginx preventing directory traversals this is luckily not immediately exploitable. We should for hardening purposes however quit the script execution just as we do for 403 cases and others as well.
2015-05-22 11:53:02 +02:00
Bjoern Schiessle
887be709f5 a new approach to display the error message 2015-05-18 10:15:17 +02:00
Thomas Müller
00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Thomas Müller
3bf269e565 Merge pull request #15229 from owncloud/response-setContentLengthHeader
Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround...
2015-04-03 22:51:36 +02:00
Robin McCorkell
ab991458ad Require minimum 1 MiB upload limit 2015-03-27 23:43:35 +00:00
Thomas Müller
a8b756154a Merge pull request #14495 from owncloud/update-mailmap-01
Updating .mailmap
2015-03-26 17:17:18 +01:00
Andreas Fischer
0f58315543 Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround.
Do not send Content-Length headers with a value larger than PHP_INT_MAX
(2147483647) on Apache PHP SAPI 32-bit. PHP will eat them and send 2147483647
instead.

When X-Sendfile is enabled, Apache will send a correct Content-Length header,
even for files larger than 2147483647 bytes. When X-Sendfile is not enabled,
ownCloud will not send a Content-Length header. This prevents progress bars
from working, but allows the actual transfer to work properly.
2015-03-26 16:37:38 +01:00
Jenkins for ownCloud
b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
dratini0
d4e5ef4f38 Removed simplified X-accel-redirect even further 2015-03-23 17:51:12 +01:00
dratini0
c432b52c74 Changed the disputed while loop to a single if. 2015-03-23 16:12:03 +01:00
Morris Jobke
06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
dratini0
10e13b172a Extending the X-accel redirect functionality with a more scalable approach. 2015-02-11 22:19:22 +01:00
dratini0
b1594ad1df Revert "Fix: X-Accel-Redirect did not support custom data dir and local mounts"
This reverts commit f2075f803f.
2015-02-11 22:19:22 +01:00
dratini0
80032ec301 Revert "removed a little duplication"
This reverts commit 31970ee740.
2015-02-11 22:19:22 +01:00
dratini0
31970ee740 removed a little duplication 2014-12-30 22:36:13 +01:00
dratini0
f2075f803f Fix: X-Accel-Redirect did not support custom data dir and local mounts 2014-12-30 22:07:04 +01:00
Joas Schilling
8e28bf012c Move constants from GET_TYPE to OC\Files so they can be autoloaded 2014-11-26 12:56:54 +01:00
Lukas Reschke
b3a04840b5 Add type hinting to functions
It's only reasonable to have proper type hinting here which might even help us to catch bugs.
2014-10-24 14:13:40 +02:00
Lukas Reschke
8fc1a9f5a9 Make 404 page easier to understand
Fixes https://github.com/owncloud/core/issues/11133
2014-09-17 22:57:32 +02:00
Lukas Reschke
312ed18d15 Use secure mimetype for content delivery
Adds some hardening against potential CSP bypassed.
2014-09-08 15:57:39 +02:00
Morris Jobke
57ef089aac drop allowZIPdownload and maxZIPSize as options 2014-06-02 16:29:03 +02:00
Robin McCorkell
a7ae2e874a Squash 'a | b' into 'a|b', in /lib 2014-05-13 19:08:14 +01:00
Vincent Petry
d16bb09aed Merge pull request #8045 from josh4trunks/nginx_x-accel_send_uri
Send URI instead of filepath to NGINX for X-Accel
2014-05-06 18:41:06 +02:00
Morris Jobke
623161b9a9 Merge pull request #8023 from flyser/master
Fix setting the max-upload-size for really large values.
2014-05-03 11:49:38 +02:00
Lukas Reschke
81c23b02da Link to previous directory 2014-04-16 21:10:14 +02:00
Lukas Reschke
2bda3f9ae0 Use direct link instead of JS
Due to our CSP policy this link won’t work as it it considered as
inline Javascript.

This commit replaces the link with a static link to the files app.

Reimplementation of #8067 - fixes #7742
2014-04-14 20:16:52 +02:00
josh4trunks
9b4643f386 Send URI instead of filepath to NGINX for X-Accel 2014-04-03 20:46:54 -07:00
Fabian Henze
7cdb16979a Fix setting the max-upload-size for really large values.
php can only parse filesize units up to gigabytes, not terabytes or petabytes.
2014-04-03 01:17:28 +02:00