nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-03-25 11:54:59 -04:00

Author	SHA1	Message	Date
provokateurin	5bd626bd40	chore: Fix all method calls with too many arguments Signed-off-by: provokateurin <kate@provokateurin.de>	2025-07-22 12:34:49 +02:00
John Molakvoæ	2b50d9b2c5	Revert "perf(base): Stop setting up the FS for every basic auth request"	2025-07-11 17:07:44 +02:00
provokateurin	689a853dc6	fix(dav): Initialize the FS for the user right after authenticating Signed-off-by: provokateurin <kate@provokateurin.de>	2025-07-08 11:38:58 +02:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Julius Knorr	82e299401e	perf(dav): Preload dav search with tags/favorites Signed-off-by: Julius Knorr <jus@bitgrid.net>	2025-06-27 20:42:07 +02:00
Maxence Lange	58c089e6f4	fix(dav): catch exception on non local account Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-06-25 14:35:02 +02:00
Robin Appelman	b9b8db6176	fix: log error when writing stream to dav file Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-05-30 13:16:46 +02:00
Louis	a48bc55e2a	Merge pull request #52810 from nextcloud/artonge/feat/do_not_require_samesite_strict_cookie_on_public.php	2025-05-22 10:30:16 +02:00
Louis Chemineau	009d0c550c	fix: Move CSRF check from base to PublicAuth for public.php This currently prevent directly accessing a ressource when clicking on a link on a third party site. Example, clicking on `https://example.com/public.php/dav/files/pqLWcA269zfzXez/?accept=zip` in a GitHub comment. Skipping the check is an issue with password protected shares, as it allows third party sites to request the ressource when the user already entered the password, aka CSRF. So after removing the check from `base.php`, we need to add the it again in the `PublicAuth` plugin. We also add a redirect to be helpful to the user. Warning: this adds the limitation that clicking on a direct download link for password protected shares will redirect you to the password form, and then to the main share view. Fix #52482 Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-05-21 16:01:36 +02:00
Ferdinand Thiessen	01db539d0a	chore: move streamCopy implementation from `OC_Helper` to `OCP\Files` The function was already there but called the legacy version. So moved the implementation and migrated all usages of it. Sadly the interface was slightly different so adjusted it to be compatible with both legacy and the OCP one. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-05-16 13:03:05 +02:00
provokateurin	78a175fc74	refactor: Apply rector refactorings Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-14 15:29:02 +02:00
John Molakvoæ (skjnldsv)	b286bca485	fix(dav): remove unnecessary plugin getHTTPMethods Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2025-05-13 16:03:20 +02:00
John Molakvoæ (skjnldsv)	4495794a0b	feat(dav): allow uploading folders to public shares Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2025-05-13 16:03:20 +02:00
Daniel	1c2b4f2a41	Merge pull request #52586 from nextcloud/bugfix/noid/remove-sleep-from-throttler fix(throttler): Always use the sleepDelayOrThrowOnMax instead of deprecated sleepDelay	2025-05-06 19:22:53 +02:00
provokateurin	46f5b07322	feat(dav): Enable chunked upload for public shares Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-05 13:23:11 +02:00
provokateurin	7f0953d520	refactor(dav): Replace baseuri manipulation with RootCollection for public shares Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-05 13:23:11 +02:00
provokateurin	e90e3a70fa	feat(dav): Allow share principals Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-05 13:23:10 +02:00
Joas Schilling	7964f338dc	fix(throttler): Remove the sleep from the throttler that throws The sleep is not adding benefit when it's being aborted with 429 in other cases anyway. Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-02 11:27:29 +02:00
skjnldsv	58aaddeca5	fix(dav): check the owner displayName scope before giving attribute Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	2025-04-30 08:37:08 +02:00
Ferdinand Thiessen	b4255a9652	fix(dav): allow uploading of files with long filenames A filename must be less or equal 255 characters, but when adding the `.part` and `.ocfiletransfer` extensions we might overflow this limit. So we should also use filename hashes for uploading when the file has a long filename, similar like when we are uploading to the user storage directly. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-22 11:09:25 +02:00
Ferdinand Thiessen	6141ab1da6	refactor(dav): simplify length header handling Reduce nesting and drop duplicated sections. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-22 11:09:05 +02:00
Ferdinand Thiessen	ba3c504812	feat(files_sharing): add WebDAV property for the `hide-download` state of shares Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-04-16 20:38:20 +02:00
Ferdinand Thiessen	fdc0b1ecf4	Merge pull request #51845 from nextcloud/zip-download-no-sabre-response fix: don't have sabre/dav send it's own reponse if we already send the zip response	2025-04-01 19:26:04 +02:00
Robin Appelman	2b0116f0eb	fix: don't have sabre/dav send it's own reponse if we already send the zip response Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-04-01 17:29:58 +02:00
Richard Steinmetz	246da73a36	fix(oauth2): retain support for legacy ownCloud clients Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2025-04-01 11:25:52 +02:00
Marcel Klehr	14cd98c989	fix(dav): Give proper HTTP status code on MKCOL when quota exceeded Signed-off-by: Marcel Klehr <mklehr@gmx.net>	2025-03-31 10:49:11 +02:00
Ferdinand Thiessen	fa63e646d4	fix(dav): do not require CSRF for safe and indempotent HTTP methods Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-03-13 12:04:30 +01:00
Louis Chemineau	c2f2f21673	feat: Support deleting metadata from WebDAV The `$value` will be `null` if the update is wrapped inside a `<d:remove>...</d:remove>` block. Signed-off-by: Louis Chemineau <louis@chmn.me>	2025-03-04 12:34:11 +01:00
Ferdinand Thiessen	845693582f	fix(dav): Handle end of stream in `File::put` If the stream is aborted and the callback wrapper returns false (or null as it happened in some cases), we should not try to write to the storage but abort the operation. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-02-18 16:41:10 +01:00
Côme Chilliet	64863c9d46	chore: Apply new rector configuration to apps folder Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-02-13 11:46:42 +01:00
Côme Chilliet	ed5b7ae161	chore: re-apply current rector configuration to apps folder Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-02-13 11:45:33 +01:00
Côme Chilliet	a3685551f7	fix: Replace isInstalled calls with isEnabledForAnyone or isEnabledForUser Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-02-13 10:19:19 +01:00
Robin Appelman	4978cd3c21	fix: use relative paths for upload locks Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-02-11 14:38:27 +01:00
Daniel Kesselberg	99ae669e39	fix: Replace the TypeError to prevent exposing the installation path Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-02-11 14:38:26 +01:00
Robin Appelman	9193cd664e	fix: block moving files to it's own parent with dav Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-01-03 15:30:20 +01:00
Git'Fellow	36d6b0f1e6	refactor: Use Http framework where possible Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>	2024-12-14 11:23:29 +01:00
Julius Knorr	cba556d641	Merge pull request #48612 from nextcloud/fix/activity-log-for-favorites-in-dav add activity logging for favorites in dav	2024-12-12 15:18:47 +01:00
Robin Appelman	ca241baac0	fix: log which file cannot be opened Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-12-04 18:50:47 +01:00
Louis Chemineau	8be6a7c7dd	fix: Throw exception when copy failed Signed-off-by: Louis Chemineau <louis@chmn.me>	2024-12-04 16:23:39 +01:00
grnd-alt	8d953aeb8d	refactor(tags): move favorite event dispatching to tags.php Signed-off-by: grnd-alt <salimbelakkaf@outlook.de>	2024-12-03 20:56:36 +01:00
grnd-alt	2d02d83597	fix(dav): add activity logging for favorites in dav Signed-off-by: grnd-alt <salimbelakkaf@outlook.de>	2024-12-03 20:56:36 +01:00
John Molakvoæ	63b74dc506	chore(config): set min supported desktop to `2.7.0` Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com> Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	2024-11-27 22:55:40 +01:00
skjnldsv	8c0f8db6ca	feat(config): add `maximum.supported.desktop.version` Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	2024-11-27 11:39:49 +01:00
Daniel Kesselberg	ca3733de23	fix: Re-throwing the TypeError to prevent exposing the installation path Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-11-22 16:16:46 +01:00
Daniel Kesselberg	6b383faf41	Revert "fix(dav): Always respond custom error page on exceptions" This reverts commit `9992e7d439`. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-11-22 11:55:25 +01:00
Daniel Kesselberg	cb6840fea5	Revert "fix: Override start method of \Sabre\DAV\Server to remove exception output" This reverts commit `e202896a74`. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-11-22 11:55:24 +01:00
fenn-cs	dd6d7a0aab	fix(Federation): Show some icon for federated users on shares Signed-off-by: nfebe <fenn25.fn@gmail.com>	2024-11-09 10:33:17 +01:00
Robin Appelman	19ec79b313	fix: smuggle storage id to metadata insert queries Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-11-07 16:27:14 +01:00
provokateurin	e8426996f5	fix(psalm): Fix some newly detected issues Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-21 12:37:59 +02:00
provokateurin	381077028a	refactor(apps): Use constructor property promotion when possible Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-21 12:37:59 +02:00

1 2 3 4 5 ...

582 commits