wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
server/apps
History
Lukas Reschke 6eeb905871 Do only follow HTTP and HTTPS redirects 
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
..
files Do only follow HTTP and HTTPS redirects 2014-09-22 20:02:32 +02:00
files_encryption Merge pull request #11167 from owncloud/env-movetomountreenableproxy 2014-09-22 16:30:19 +02:00
files_external [tx-robot] updated from transifex 2014-09-20 01:54:34 -04:00
files_sharing fix button text l10n 2014-09-22 09:32:03 +02:00
files_trashbin Merge pull request #11081 from owncloud/trash_fix_expire 2014-09-16 13:58:12 +02:00
files_versions [tx-robot] updated from transifex 2014-09-11 01:54:41 -04:00
user_ldap [tx-robot] updated from transifex 2014-09-21 01:54:29 -04:00
user_webdavauth [tx-robot] updated from transifex 2014-09-07 01:54:42 -04:00