Commit graph

43472 commits

Author SHA1 Message Date
Daniel Calviño Sánchez
f8e3b572c8 Remove no longer needed escaping of special characters
The escaping of special characters was needed when the ids of the
permission checkboxes for shares were based on the "shareWith" field.
Since they are based on the "shareId" field the escaping is no longer
needed, as the "sharedId" is expected to always contain compatible
characters.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-04-18 17:03:45 +02:00
Jan-Christoph Borchardt
0f9ba852bc
Fix form labels and main landmark on log in page
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-04-18 16:14:09 +02:00
Jan-Christoph Borchardt
1c00f82ea5
Do not restrict zooming in
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-04-18 15:51:52 +02:00
Jan-Christoph Borchardt
0ee9924b16
Add aria-label to more-apps menu as well
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-04-18 15:40:47 +02:00
Jan-Christoph Borchardt
0d675eca56
Ensure proper color contrast according to WCAG AA
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-04-18 15:38:30 +02:00
Daniel Calviño Sánchez
1466586033 Fix ids of permission checkboxes for shares
The ids of permission checkboxes for shares were generated using the
"shareWith" field of the share. The "shareWith" field can contain spaces
(as spaces are allowed, for example, in user or circle names), so this
could cause the id attribute of the HTML element to contain spaces too,
which is forbidden by the HTML specification.

It is not just a "formal" issue, though; when the list was rendered, if
the id contained a space the selector to get the checkbox element was
wrong (as it ended being something like
"#canEdit-view1-name with spaces") and thus the initial state of the
checkbox was not properly set.

Besides that, "shareWith" can contain too single quotes, which would
even cause the jQuery selector to abort the search and leave the UI in
an invalid state.

Instead of adding more cases to the regular expression to escape special
characters and apply it too when the ids are created now the ids of
permission checkboxes for shares are based on the "shareId" field
instead of on "shareWith", as "shareId" is expected to always contain
compatible characters.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-04-18 15:25:23 +02:00
Jan-Christoph Borchardt
df3c1ac283
Add proper ARIA attributes and structure to header for accessibility, thanks to @MarcoZehe
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-04-18 15:07:42 +02:00
Joas Schilling
8f7a0af951
Allow IPv6 database hosts
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-04-18 14:48:21 +02:00
Joas Schilling
f50abde7ac
Add proper comment offset support
The offset is based on the last known comment instead of limit-offset,
so new comments don't mess up requests which get the history of an object-

Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-04-18 14:23:15 +02:00
John Molakvoæ
b2a87f84c4
Merge pull request #9218 from nextcloud/personal-settings
Move personal settings to css grid layout
2018-04-18 10:14:25 +02:00
Nextcloud bot
d4aa4ff1f4
[tx-robot] updated from transifex 2018-04-18 00:13:30 +00:00
Morris Jobke
13d21f5989
Merge pull request #9174 from nextcloud/dav-free-space-message
log more information about insufficient storage in dav plugin
2018-04-17 23:01:01 +02:00
Julius Härtl
09ada4ec2b
Move personal settings to css grid layout
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-17 22:40:03 +02:00
Roeland Jago Douma
b7d00ff5ef
Merge pull request #9217 from nextcloud/show-link-trusted-domains
Show a link to the docs instead of a button on the untrusted domain page
2018-04-17 21:21:37 +02:00
Morris Jobke
0d5142be70
Show a link to the docs instead of a button on the untrusted domain page
Before there was a button to "quickly" add the untrusted domain to the config. This button often didn't worked, because the generated URL was often untrusted as well. Thus removing it and providing proper docs seems to be the better approach to handle this rare case.

Also the log should not be spammed by messages for the untrusted domain accesses, because they are user related and not necessarily an administrative issue.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-17 17:47:11 +02:00
Morris Jobke
748b51a225
Merge pull request #9211 from nextcloud/update-crl
Update CRL to include old quicknotes cert
2018-04-17 17:15:58 +02:00
Robin Appelman
bc3fde9f75
log more information about insufficient storage in dav plugin
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-04-17 15:29:37 +02:00
Robin Appelman
991790686a
Merge pull request #9177 from nextcloud/log-exception-argument-classes
Log classnames of arguments in exception trace
2018-04-17 15:26:39 +02:00
Robin Appelman
f399e1591f
Log classnames of arguments in exception trace
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-04-17 13:46:36 +02:00
Morris Jobke
42b7dfe9ac
Merge pull request #9159 from nextcloud/appinfo-single-localized
fix appinfo parsing when a single localized option is provided
2018-04-17 13:45:43 +02:00
Morris Jobke
1bc192fbd4
Merge pull request #9203 from nextcloud/declare-func-as-safe
Declare func() as safe method in phan
2018-04-17 13:45:27 +02:00
Morris Jobke
7dcab39f34
Update CRL to include old quicknotes cert
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-17 11:40:56 +02:00
Robin Appelman
46d0d0cda1
fix appinfo parsing when a single localized option is provided
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-04-17 11:14:03 +02:00
Roeland Jago Douma
63dfbb2127
Merge pull request #9162 from nextcloud/allow-lang-ocs-api
Add language support for user creation
2018-04-17 11:01:46 +02:00
Morris Jobke
dfffc0fdda
Merge pull request #9184 from nextcloud/bug-9150
Fixes issue with the large cursor on Safari in the comment section.
2018-04-17 11:00:26 +02:00
Morris Jobke
1f06bc246c
Declare func() as safe method in phan
We added a special `func()` method to the query builder, which is a plain text function by definition. It uses the string and does no escaping on purpose. It has the potential for an injection but requiring to add the "supress warning" to all surrounding code makes it harder to spot actual problems, that this plugin want to find. So it's better to only need to check the func() and not all the surrounding code as well.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-17 10:58:00 +02:00
Roeland Jago Douma
cf27310505
Merge pull request #9206 from nextcloud/fix-select-text
Fix user selectable text for public links for text files
2018-04-17 10:56:32 +02:00
Nextcloud bot
3c250b1a35
[tx-robot] updated from transifex 2018-04-17 00:13:08 +00:00
Morris Jobke
8c085e7645
Merge pull request #9205 from nextcloud/plaintext-emails
Provide an option to disable HTML emails
2018-04-16 22:06:09 +02:00
Morris Jobke
9ee1febf62
Provide an option to disable HTML emails
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-16 19:00:05 +02:00
Morris Jobke
d93948426c
Merge pull request #9168 from nextcloud/enabled-state-proper-return-and-tests-fixes
Return proper boolean user enabled state api
2018-04-16 18:09:11 +02:00
Morris Jobke
66c92872ab
Fix user selectable text for public links for text files
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-16 16:36:29 +02:00
John Molakvoæ (skjnldsv)
5bd02a63a8
Fixed tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-04-16 15:18:33 +02:00
John Molakvoæ (skjnldsv)
6028d60038
Add language support for user creation
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-04-16 15:18:33 +02:00
John Molakvoæ (skjnldsv)
3e5ea9b0a9
Return proper boolean user enabled state api
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-04-16 15:17:02 +02:00
blizzz
056660bf7c
Merge pull request #9200 from nextcloud/fix-invalid-phan-detection
Fixes false positive possible sql injection by phan
2018-04-16 13:19:26 +02:00
Morris Jobke
4d832cd4e3
Fixes false positive possible sql injection by phan
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-16 11:47:11 +02:00
Morris Jobke
db8bcfc5f6
Merge pull request #9172 from nextcloud/karma-avatar-tests-fix
Fix js tests with placeholder
2018-04-16 11:32:30 +02:00
Nextcloud bot
85d4d9c592
[tx-robot] updated from transifex 2018-04-16 00:11:49 +00:00
Abijeet
0489643f50 Fixes issue with the large cursor on Safari in the comment section.
This was being caused due to the `display: inline-block` on the contenteditable div.

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-04-14 20:28:32 +05:30
Nextcloud bot
13b5e257ab
[tx-robot] updated from transifex 2018-04-14 00:11:46 +00:00
John Molakvoæ (skjnldsv)
6cb40cf0c4
Fix js tests with placeholder
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-04-13 10:20:51 +02:00
Nextcloud bot
b7a64f9c13
[tx-robot] updated from transifex 2018-04-13 00:11:47 +00:00
blizzz
e2877c4999
Merge pull request #9164 from nextcloud/fix-autoloader
Fix autoloader
2018-04-12 19:31:12 +02:00
Morris Jobke
1517b1452e
Fix autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-12 16:24:44 +02:00
Jan-Christoph Borchardt
04f47a7653
Merge pull request #8535 from nextcloud/new-color-generator
New color generator algorithm
2018-04-12 14:37:53 +02:00
Robin Appelman
fb34ef1093
Merge pull request #9134 from nextcloud/db-locks-cli
dont keep shared database locks when running cli scripts
2018-04-12 12:09:43 +02:00
Morris Jobke
e275b9a2cf
Merge pull request #9158 from nextcloud/revert-9144-allow-lang-ocs-api
Revert "Add language support for user creation in api"
2018-04-12 11:01:06 +02:00
Morris Jobke
10b37a074c
Revert "Add language support for user creation in api" 2018-04-12 11:00:54 +02:00
Morris Jobke
d3f2b6aef4
Merge pull request #8820 from nextcloud/mtime-sort
Sorts filepicker files by modified date
2018-04-12 10:54:44 +02:00