nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-04-12 20:47:04 -04:00

Author	SHA1	Message	Date
Côme Chilliet	a5e79add44	fix(tests): Adapt Middleware tests to API change Removed a few tests rendered obsolete by the refactoring. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-03-20 11:00:58 +01:00
Côme Chilliet	36a6227a5f	fix: Remove code duplication by using the new method Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-03-19 15:46:18 +01:00
Côme Chilliet	c30ad63d48	fix: Move hasAnnotationOrAttribute to the reflector Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2026-03-19 15:46:01 +01:00
Ferdinand Thiessen	77dc78855f	fix(SecurityMiddleware): return header to distinguish error type Currently we return a 403 (Forbidden) when the password confirmation failed - which itself seems to be inappropriate as its basically a login failing so a 401 (not authorized) is more appropriate. This is especially a problem because APIs might return 403 internally for good reason (e.g. user missing permission) but 401 would not be a problem. But as this is a breaking change so my solution to be able to distinguish API error from password confirmation error is: Add a header inside the response that marks failed password confirmation `X-NC-Auth-NotConfirmed`. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2026-03-12 08:54:39 +00:00
Raphael Gradenwitz	a643150cb3	Merge branch 'stable32' into backport/58648/stable32	2026-03-10 17:15:37 +01:00
ernolf	1640d3d649	feat(routing): add files_sharing_raw to rootUrlApps - Registers the files_sharing_raw app as a root-URL app so that its routes are served under /raw/{token} and /rss instead of the default /apps/files_sharing_raw/... prefix. This is required for the files_sharing_raw app to generate correct canonical raw URLs via PublicUrlBuilder. Signed-off-by: ernolf <raphael.gradenwitz@googlemail.com>	2026-03-10 14:31:35 +00:00
Anna Larch	447c77e23e	fix: add fallback to raw path info Follow up to https://github.com/nextcloud/server/pull/56843 The raw path info method has no fallback for an empty array parameter Signed-off-by: Anna Larch <anna@nextcloud.com>	2026-03-10 12:52:15 +00:00
Joas Schilling	ea0d1d3f2e	fix(controller): Support native int ranges Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-07 18:06:10 +00:00
Côme Chilliet	dcdb53634e	feat(log): Add script name and occ command to log details This will help when troubleshooting issues. For web request we have method and url, but for cron and occ currently we have no way to know if it’s one or the other and which command. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-12-15 16:57:16 +01:00
provokateurin	258956e09e	fix(AppFramework): Check for responder existence Signed-off-by: provokateurin <kate@provokateurin.de>	2025-11-12 10:46:36 +00:00
Joas Schilling	826fe1a918	feat(rate-limit): Allow overwriting the rate limit Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-11-12 10:55:06 +01:00
Louis Chmn	a8695aef3c	feat(EphemeralSessions): Introduce lax period Signed-off-by: Louis Chmn <louis@chmn.me>	2025-11-06 10:24:34 +00:00
Maxence Lange	b9b7931b7c	feat(route): globalsiteselector as root url generator Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-10-16 21:56:01 +00:00
Côme Chilliet	2f3e2c0928	fix: Do not try to create lazy ghosts for PHP internal classes Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com> (cherry picked from commit `d51efd9735`)	2025-09-29 10:42:43 +02:00
Kate	a1709f576e	Merge pull request #54627 from nextcloud/fix/ocs/accept-header	2025-08-28 14:03:23 +02:00
provokateurin	aab11d35d3	fix(OCS): Add IRequest::getFormat to determine the response Content-Type the same way everywhere Signed-off-by: provokateurin <kate@provokateurin.de>	2025-08-26 09:50:03 +02:00
Joas Schilling	11aa997da3	fix(2fa): Fix 2FA session setup when ephemeral session is used Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-25 10:39:17 +02:00
Joas Schilling	57f09b642e	fix(container): Reduce general deprecation spam on all requests Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-09 11:53:30 +02:00
Benjamin Gaussorgues	8783679a49	Merge pull request #54303 from nextcloud/jtr-oc-appframework-app-cleanup	2025-08-08 10:41:51 +02:00
Joas Schilling	2f18996347	fix(container): Don't use deprecated things to set up controllers for apps Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-08 08:42:56 +02:00
Joas Schilling	17c40b9474	fix(container): Log the deprecation to the app when possible Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-08 08:42:55 +02:00
Josh	67c14b0f11	refactor(App): \OC\AppFramework\App clean-up Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-06 17:10:45 -04:00
Josh	9195987d14	refactor(AppFramework): drop unused spreed/Talk fallback No longer needed from what I can tell since #20114 & nextcloud/spreed#3134 Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-04 08:59:49 -04:00
John Molakvoæ	4829ac57c1	fix: use `OCP\Server` Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2025-08-01 17:00:09 +02:00
Josh	14b4d0327e	fix(AppFramework): Log malformed protocol values and unify fallback behavior Signed-off-by: Josh <josh.t.richards@gmail.com>	2025-08-01 17:00:09 +02:00
Maxence Lange	132513dbf3	fix(userconfig): duplicate core lexicon Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-29 10:36:44 -01:00
John Molakvoæ	e89b3a0597	Merge pull request #54051 from nextcloud/fix/session/log-ephemeral-session-close	2025-07-28 08:16:32 +02:00
Maxence Lange	33bff30e1d	feat(lexicon): moving out from unstable Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-24 15:56:33 -01:00
Christoph Wurst	084a2e8859	fix(session): log when ephemeral sessions are closed Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2025-07-23 07:52:06 +02:00
Ferdinand Thiessen	7fe272fd74	fix(Coordinator): ensure the core app is loaded first Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-07-17 16:59:45 +02:00
Côme Chilliet	2346a528ba	fix: Tidy up middleware registration code and scope them to application container This make sure that all middlewares get a logger scoped to the application id, among other things. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:16 +02:00
Côme Chilliet	3dd4ba854f	fix: Add back ContainerInterface service to DIContainer Otherwise it gets resolved to \OC::$server. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:15 +02:00
Côme Chilliet	2240acec7f	fix: Put back ScopedPsrLogger service Cannot use an alias for this one, as it depends upon LoggerInterface so that creates an infinite loop. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:15 +02:00
Côme Chilliet	bbe766b07a	fix: Make sure Request class can be dependency injected to fix SameSiteCookieMiddleware injection Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:14 +02:00
Côme Chilliet	ab310ce938	fix: Fix issues and tests in DIContainer and friends Some tests related to MiddlewareDispatcher are still failing. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:14 +02:00
Côme Chilliet	9913bdda90	chore: Cleanup DIContainer class Also removed deprecated tag from the class as this class will not be removed, only the interface IAppContainer and associated methods should be removed. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-08 13:32:12 +02:00
Andy Scherzinger	0c087ece4c	Merge pull request #53740 from nextcloud/fix/properly-fail-on-invalid-json Properly fail on invalid json	2025-07-03 18:00:28 +02:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Côme Chilliet	79f4e0de76	fix: Only attempt to decode JSON input if it is not an empty string Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 11:24:27 +02:00
Côme Chilliet	e8bc35ec0a	fix(ocs): Return a proper error on JSON decoding failures Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 10:45:31 +02:00
Côme Chilliet	87f98c88ab	chore: Rename property and type it to match its current use in Request Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-07-01 10:25:14 +02:00
Robin Appelman	8b0a3a774d	fix: throw a better error if we don't get an authorization header for secutity confirmation Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-24 15:57:20 +02:00
Daniel Kesselberg	be587def0e	fix: use correct format for expires, last-modified, and if-modified-since headers Before: Sat, 10 May 2025 18:17:41 +0000 After: Sat, 10 May 2025 18:17:41 GMT RFC: https://httpwg.org/specs/rfc9110.html#http.date Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-06-10 13:15:31 +02:00
Côme Chilliet	2eed6d3a89	feat: Add a configuration toggle for lazy objects in DI Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:51:24 +02:00
Côme Chilliet	98b2cfc416	fix: Fix several side effects of lazy ghosts Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:50:42 +02:00
Côme Chilliet	86ff5810d7	fix: Only use Lazy objects if PHP is 8.4 or higher Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:58 +02:00
Côme Chilliet	1bf41550d0	chore: Suppress psalm error Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:58 +02:00
Côme Chilliet	06c062bebd	feat: Use Lazy ghosts for Dependency injection This will only work with PHP 8.4, so we’ll need to put it behind a version check later. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 20:49:38 +02:00
Côme Chilliet	e8370bf73a	fix: Use only enabled applications versions in the cache prefix This makes sure the cached routes are updated after enabling a previously disabled application Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-06-05 17:58:54 +02:00
Ferdinand Thiessen	c21e189850	fix: make core application bootstrapable by coordinator Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-06-02 15:58:54 +02:00

1 2 3 4 5 ...

636 commits