nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-24 10:26:07 -05:00

Author	SHA1	Message	Date
provokateurin	97c09753c3	fix(AppFramework): Adjust types so PHPStan understands them Signed-off-by: provokateurin <kate@provokateurin.de>	2026-02-09 14:08:42 +01:00
Robin Appelman	26ae51c4b3	feat: add header with user id in response Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-09-18 18:30:04 +02:00
Daniel Kesselberg	be587def0e	fix: use correct format for expires, last-modified, and if-modified-since headers Before: Sat, 10 May 2025 18:17:41 +0000 After: Sat, 10 May 2025 18:17:41 GMT RFC: https://httpwg.org/specs/rfc9110.html#http.date Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-06-10 13:15:31 +02:00
Ferdinand Thiessen	74bded74a3	refactor: migrate from OC to OCP in public interfaces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-05-15 16:17:47 +02:00
provokateurin	7db694f534	fix(Http): Only allow valid HTTP status code values via template Signed-off-by: provokateurin <kate@provokateurin.de>	2025-01-07 15:45:30 +01:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +02:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +02:00
provokateurin	db77eab677	fix(AppFramework): Fix error message about 204 not allowing custom headers Signed-off-by: provokateurin <kate@provokateurin.de>	2024-04-08 16:08:44 +02:00
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-02 14:16:21 +02:00
Git'Fellow	066f6ef16c	Stop sending deprecated Pragma header Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>	2023-08-28 15:11:22 +02:00
Christoph Wurst	14719110b9	chore: Replace \OC::$server->query with \OCP\Server::get in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-07-06 15:21:22 +02:00
jld3103	b0001c6010	Add template types to responses Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-06-30 09:33:29 +02:00
MichaIng	5f90b8eb11	Change X-Robots-Tag header from "none" to "noindex, nofollow" While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240 Signed-off-by: MichaIng <micha@dietpi.com>	2023-02-15 20:16:51 +01:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +01:00
Daniel	c55ae98a3f	Add description for public and immutable Co-authored-by: Carl Schwan <carl@carlschwan.eu> Signed-off-by: Daniel <mail@danielkesselberg.de>	2022-09-03 15:58:18 +02:00
Daniel Kesselberg	855ef21883	Update docblock for cacheFor Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2022-09-03 15:28:23 +02:00
Carl Schwan	7dddbd0c35	Improve caching policy * Cache css with version in url. This makes most js and css requests to be cached by the browser * Force caching previews, the etag is in the url so that if the propfind gives a new etag, we will refresh it otherwise it's no use to try to fetch the new etag and do tons of DB queries Tested with firefox and 'debug' => false (important so that the js/css urls are generated with ?v= parameter) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-02-16 11:35:57 +01:00
Robin Appelman	c712987878	send request id in response header Signed-off-by: Robin Appelman <robin@icewind.nl>	2022-02-01 14:24:01 +01:00
Christoph Wurst	6d5cfe0c66	Move DateTime::RFC2822 to DateTimeInterface::2822 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-23 15:30:43 +02:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Joas Schilling	02c011c4f7	Make debugging easier which header is being set Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-03-24 13:22:44 +01:00
Joas Schilling	329ffa257e	Log an error when setting a custom header on "Not Modified" responses Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-12-15 11:24:15 +01:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Joas Schilling	b7060be18d	Fix robots "noindex, nofollow" signals Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-06-25 08:29:43 +02:00
Roeland Jago Douma	fbf9772a3e	Allow to specify the cookie type for appframework responses In general it is good to set them to Lax. But also to give devs more control over them is not a bad thing. Helps with #21474 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-06-22 08:38:44 +02:00
Clement Wong	e9be3a9090	Add public argument to Http cacheFor() Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 20:24:14 +02:00
Clement Wong	401210d259	Proxy server could cache http response when it is not private Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 11:24:08 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00
Christoph Wurst	b80ebc9674	Use the short array syntax, everywhere Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-26 16:34:56 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
Roeland Jago Douma	c40fe8b819	Do not enforce the parent constructor of response to be called If there is no policy set we just take the default empty ones. That way no obscure errors get thrown if the constructor is not called. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-19 14:39:34 +02:00
Roeland Jago Douma	b8c5008acf	Add feature policy header This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-10 14:26:22 +02:00
Roeland Jago Douma	7276735eb4	Set empty CSP by default For #14179 By default responses should have the strictest (and simplest) CSP possible. Only template responses should require an actual CSP. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-04-16 14:09:39 +02:00
Roeland Jago Douma	a34495933e	Move caching logic to response This avoids having to do it at all the places we want cached responses. We can't inject the ITimeFactor without breaking public API. However we can perfectly overwrite the service (resulting in the same testable effect). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-04 08:48:54 +02:00
Roeland Jago Douma	5825c27a12	Make sure that render always returns a string Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-02-21 13:28:40 +01:00
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 16:56:19 +01:00
Morris Jobke	84c22fdeef	Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call Add metadata to \OCP\AppFramework\Http\Response::throttle	2017-08-01 14:43:47 +02:00
Lukas Reschke	dfd8125aeb	Replace wrong PHPDocs Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-08-01 08:20:16 +02:00
Lukas Reschke	f22ab3e665	Add metadata to \OCP\AppFramework\Http\Response::throttle Fixes https://github.com/nextcloud/server/issues/5891 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-07-27 14:17:45 +02:00
Lukas Reschke	8149945a91	Make BruteForceProtection annotation more clever This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware. Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-04-13 23:05:33 +02:00
Christoph Wurst	fe6416072d	set 'no-store' cache header if we do not want FF to cache Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2017-01-09 21:29:59 +01:00
Roeland Jago Douma	7c078a81b4	Add trict CSP to OCS responses If a repsonse now explicitly has the Empty CSP set then the middleware won't touch it.	2016-09-15 13:11:36 +02:00
Roeland Jago Douma	14136295b7	Cache avatars properly * Set proper caching headers for avatars (15 minutes) * For our own avatar use some extra logic to invalidate when we update	2016-08-30 09:00:16 +02:00
Joas Schilling	ba87db3fcc	Fix others	2016-07-21 18:13:57 +02:00
Lukas Reschke	aba539703c	Update license headers	2016-05-26 19:57:24 +02:00
Roeland Jago Douma	e47b186d51	Move \OCP\AppFramework to PSR-4	2016-05-06 20:38:34 +02:00

48 commits