nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-03 20:41:22 -05:00

Author	SHA1	Message	Date
Joas Schilling	9caa4e20e5	test(dispatcher): Add some tests with input 0 Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-02-03 08:32:43 +01:00
Ferdinand Thiessen	d6d6747a73	refactor: apply rector rules for PHPUnit 10 Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-10-27 21:56:04 +01:00
Carl Schwan	60c2875670	refactor: Cleanup some unit tests - use declare(strict_types=1) - use strong typing - Remove some weird things in ControllerTest Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>	2025-10-01 10:11:27 +02:00
John Molakvoæ	4829ac57c1	fix: use `OCP\Server` Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2025-08-01 17:00:09 +02:00
Josh	14b4d0327e	fix(AppFramework): Log malformed protocol values and unify fallback behavior Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-01 17:00:09 +02:00
Robin Appelman	aa15f9d16d	chore: run rector Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-07-01 22:45:52 +02:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Robin Appelman	3561937816	chore: run rector on tests with new rule Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-12 18:38:29 +02:00
Robin Appelman	29e39c0a2e	chore: run rector on tests Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-12 18:31:58 +02:00
Daniel Kesselberg	be587def0e	fix: use correct format for expires, last-modified, and if-modified-since headers Before: Sat, 10 May 2025 18:17:41 +0000 After: Sat, 10 May 2025 18:17:41 GMT RFC: https://httpwg.org/specs/rfc9110.html#http.date Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-06-10 13:15:31 +02:00
Joas Schilling	5f9117b939	test: Fix coding standards Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-15 08:48:13 +02:00
Joas Schilling	720ab52e07	test: Fix tests/lib/App* Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-15 08:21:24 +02:00
Joas Schilling	522be60ff0	fix(phpunit): Remove some more withConsecutive calls Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-03-31 09:43:22 +02:00
Johannes Endres	ae2cc23658	fix: Change UserAgent to *cloud Co-authored-by: Daniel Kesselberg <mail@danielkesselberg.de> Signed-off-by: Johannes Endres <je@johannes-endres.de>	2025-02-19 18:51:08 +01:00
Joas Schilling	1909b981a4	fix(controller): Fix false booleans in multipart/form-data Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-11-28 12:18:30 +01:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
Christoph Wurst	49dd79eabb	refactor: Add void return type to PHPUnit test methods Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-09-15 22:32:31 +02:00
Ferdinand Thiessen	4d2556d4cf	refactor(IMenuAction): Make public menu actions use the new Vue UI This removes custom rendering code an replaces it with the declarative menu actions. Also adjust the template to allow the Vue UI to mount. Custom entries still are possible. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-09-03 16:07:49 +02:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +02:00
Ferdinand Thiessen	009761be58	test: Adjust tests for CSP nonce Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 10:06:32 +02:00
provokateurin	9d1705259c	fix(AppFramework): Allow requests with OCS-APIRequest header to pass CSRF checks Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-25 17:31:49 +02:00
Andy Scherzinger	1f7e2ba599	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-13 17:41:36 +02:00
Joas Schilling	9ed3ab7d87	test(request): Add tests to strip the port when forwarding requests Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-02-13 16:51:13 +01:00
Arthur Schiwon	216b95f8b1	test(unit): fix RequestTest Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-01-27 15:11:26 +01:00
Joas Schilling	f6b6776c93	fix(API): Use a distinct exception so apps can react to it and customize the return Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-11-28 06:11:57 +01:00
Arthur Schiwon	3fa43a529b	enh(dispatcher): enforce psalm ranges in the http dispatcher - allows devs to provide int ranges for API arguments Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2023-11-24 12:46:38 +01:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Ferdinand Thiessen	ecf9f0a872	fix(CSP): Only add `strict-dynamic` when using nonces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-17 22:01:02 +01:00
Ferdinand Thiessen	e231abd9bf	fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `script-src-elem` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-17 14:42:36 +01:00
Ferdinand Thiessen	7df9eb3351	feat(ContentSecurityPolicy): Allow to set `strict-dynamic` on `script-src-elem` only This adds the possibility to set `strict-dynamic` on `script-src-elem` only while keep the default rules for `script-src`. The idea is to allow loading module js which imports other files and thus does not allow nonces on import but on the initial script tag. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-17 11:12:57 +01:00
Joas Schilling	2fa78f6245	Reverse X-Forwarded-For list to read the correct proxy remote address Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-11-16 07:45:19 +01:00
Git'Fellow	066f6ef16c	Stop sending deprecated Pragma header Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>	2023-08-28 15:11:22 +02:00
Daniel Calviño Sánchez	41f2d912d2	Allow "wasm-unsafe-eval" in CSP If a page has a Content Security Policy header and the `script-src` (or `default-src`) directive does not contain neither `wasm-unsafe-eval` nor `unsafe-eval` loading and executing WebAssembly is blocked in the page (although it is still possible to load and execute WebAssembly in a worker thread). Although the Nextcloud classes to manage the CSP already supported allowing `unsafe-eval` this affects not only WebAssembly, but also the `eval` operation in JavaScript. To make possible to allow WebAssembly execution without allowing JavaScript `eval` this commit adds support for allowing `wasm-unsafe-eval`. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2023-08-10 02:38:41 +02:00
Joas Schilling	2c6f32cb28	feat(request): Allow to match the client version with the IRequest::USER_AGENT_* regex Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-11 07:35:50 +02:00
jld3103	b0001c6010	Add template types to responses Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-06-30 09:33:29 +02:00
Christoph Wurst	08a3f37695	chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-06-12 10:03:59 +02:00
Côme Chilliet	8d5165e8dc	Adapt tests to config value typing Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 17:42:14 +02:00
MichaIng	5f90b8eb11	Change X-Robots-Tag header from "none" to "noindex, nofollow" While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240 Signed-off-by: MichaIng <micha@dietpi.com>	2023-02-15 20:16:51 +01:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +01:00
Christoph Wurst	20fcfb5739	feat(app framework)!: Inject services into controller methods Usually Nextcloud DI goes through constructor injection. This has the implication that each instance of a class builds the full DI tree. That is the injected services, their services, etc. Occasionally there is a service that is only needed for one controller method. Then the DI tree is build regardless if used or not. If services are injected into the method, we only build the DI tree if that method gets executed. This is also how Laravel allows injection. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-01-18 14:00:38 +01:00
Stanimir Bozhilov	7dcd6eb561	Merge branch 'master' into add-scim-json-support Signed-off-by: Stanimir Bozhilov <stanimir.bozhilov.1998@gmail.com>	2022-12-19 09:07:38 +01:00
Vincent Petry	ae6fe874ed	Merge pull request #35780 from nextcloud/fix/http-dispatcher-double-parameter-cast Fix missing cast of double controller parameters	2022-12-16 16:18:35 +01:00
Christoph Wurst	b6dd1a1d7b	fix(app framework): Fix missing cast of double controller parameters ``settype`` allows 'double' as alias of 'float'. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-12-15 09:33:52 +01:00
Artur Neumann	81f2857f34	check if params given to API are really an array Signed-off-by: Artur Neumann <artur@jankaritech.com>	2022-12-15 13:45:22 +05:45
Côme Chilliet	68363f6944	Fix some more problems with tests under PHP 8.2 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-11-15 16:02:24 +01:00
Stanimir Bozhilov	46c10c77e1	Fix the JSON content type regex to match all MIME types Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>	2022-09-26 11:51:44 +02:00
Stanimir Bozhilov	f7d51a39cf	Add unit tests for application/scim+json content type Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>	2022-09-20 16:19:05 +02:00
Simon Leiner	09362eaeaa	Support specifying IPv6 proxies in CIDR notation Previously, it was not possible to use CIDR notation for IPv6 proxies in the trusted_proxies parameter of config.php [1]. This patch adds support for that. [1]: https://docs.nextcloud.com/server/24/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies Signed-off-by: Simon Leiner <simon@leiner.me>	2022-08-02 17:36:47 +02:00
Côme Chilliet	1bd5222224	Fix PHP 8.2 warnings about undeclared properties Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-21 16:17:52 +02:00
Côme Chilliet	c7e1c36362	Remove at matcher uses in tests/lib Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-16 17:43:17 +02:00

1 2 3

133 commits