☁️ Nextcloud server, a safe home for all your data
8313a3fcb3
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation: 1. Application must support HTTP compression 2. Response most reflect user-controlled input 3. Response should contain sensitive data Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed. To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least. |
||
---|---|---|
.idea | ||
3rdparty@b94f7d38f6 | ||
apps | ||
build | ||
config | ||
core | ||
l10n | ||
lib | ||
ocs | ||
ocs-provider | ||
settings | ||
tests | ||
themes | ||
.bowerrc | ||
.gitignore | ||
.gitmodules | ||
.htaccess | ||
.jshintrc | ||
.mailmap | ||
.scrutinizer.yml | ||
.tag | ||
.user.ini | ||
AUTHORS | ||
autotest-external.sh | ||
autotest-hhvm.sh | ||
autotest-js.sh | ||
autotest.cmd | ||
autotest.sh | ||
bower.json | ||
buildjsdocs.sh | ||
console.php | ||
CONTRIBUTING.md | ||
COPYING-AGPL | ||
COPYING-README | ||
cron.php | ||
db_structure.xml | ||
index.html | ||
index.php | ||
indie.json | ||
issue_template.md | ||
occ | ||
public.php | ||
README.md | ||
remote.php | ||
robots.txt | ||
status.php | ||
version.php |
ownCloud
ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.
Build Status on Jenkins CI
Quality:
Depencencies:
Installation instructions
https://doc.owncloud.org/server/8.2/developer_manual/app/index.html
Contribution Guidelines
https://owncloud.org/contribute/
Get in touch
Important notice on translations
Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/
For more detailed information about translations: http://doc.owncloud.org/server/8.2/developer_manual/core/translation.html