nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-10 22:34:26 -05:00

Author	SHA1	Message	Date
Vincent Petry	18c013d8fc	Add CSP policy merge priority for booleans When two booleans conflict when merging CSP policies, true will win. Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2022-04-01 13:56:34 +02:00
Julius Härtl	bd03dd37be	Allow to set a strict-dynamic CSP through the API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-03-09 15:10:27 +01:00
Carl Schwan	7dddbd0c35	Improve caching policy * Cache css with version in url. This makes most js and css requests to be cached by the browser * Force caching previews, the etag is in the url so that if the propfind gives a new etag, we will refresh it otherwise it's no use to try to fetch the new etag and do tons of DB queries Tested with firefox and 'debug' => false (important so that the js/css urls are generated with ?v= parameter) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-02-16 11:35:57 +01:00
Robin Appelman	c712987878	send request id in response header Signed-off-by: Robin Appelman <robin@icewind.nl>	2022-02-01 14:24:01 +01:00
Daniel Rudolf	aa455e71d9	Merge branch 'master' into enhancement/noid/IURLGenerator-linkToDefaultPageUrl	2021-08-04 18:52:55 +02:00
Carl Schwan	28970563a2	Remove some mentions of ownCloud from our api documentation Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2021-07-29 15:56:30 +02:00
Daniel Rudolf	a43de10d1e	Add RedirectToDefaultAppResponse::__construct() annotations Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:35:09 +02:00
Daniel Rudolf	e478db9161	Deprecate RedirectToDefaultAppResponse Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:13:08 +02:00
Daniel Rudolf	2c7186a15f	Remove \OC::$server->getURLGenerator() usage Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:12:15 +02:00
Daniel Rudolf	12059eb65b	Add IUrlGenerator::linkToDefaultPageUrl() Replaces the deprecated \OC_Util::getDefaultPageUrl() and makes this API public. Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-06-30 16:20:57 +02:00
Pytal	9ed379da22	Merge pull request #27635 from nextcloud/fix/datetime-constants Fix usage of DateTime constants	2021-06-23 09:56:28 -07:00
Christoph Wurst	6d5cfe0c66	Move DateTime::RFC2822 to DateTimeInterface::2822 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-23 15:30:43 +02:00
Lukas Reschke	25ab4059c6	Add security.txt Ref https://securitytxt.org Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-23 13:58:47 +02:00
Morris Jobke	2ae60b42ab	Merge pull request #26494 from rigrig/fix-php8-deprecations Fix some php 8 warnings	2021-06-07 23:30:59 +02:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Lukas Reschke	377514aad1	Escape filename in Content-Disposition We should escape all occurences of ' and \ in here. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-02 19:22:17 +02:00
Richard de Boer	a0d265b0b1	Fix a usort comparison function returning a boolean instead of an integer PHP 8 shows deprecation warnings about this, see #25806 Signed-off-by: Richard de Boer <git@tubul.net>	2021-05-29 14:14:52 +02:00
Joas Schilling	02c011c4f7	Make debugging easier which header is being set Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-03-24 13:22:44 +01:00
Christoph Wurst	08d4458542	Initialize \OCP\AppFramework\Http\ZipResponse::$resources Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-17 19:59:27 +01:00
Christoph Wurst	9ce3ea3368	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-30 14:07:05 +01:00
Christoph Wurst	d89a75be0b	Update all license headers for Nextcloud 21 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-16 18:48:22 +01:00
Joas Schilling	329ffa257e	Log an error when setting a custom header on "Not Modified" responses Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-12-15 11:24:15 +01:00
Thomas Citharel	71cf92697c	Update comment to reflect current CSP policy JS unsafe-eval was removed a long time ago in https://github.com/nextcloud/server/pull/11028	2020-12-12 21:11:42 +01:00
Roeland Jago Douma	1e111b2ad2	Fix DataResponse typehints We use this already in several places where we just pass strings or numbers. This all works because we just convert it to a json response in the end. So better to have the typehints reflect this. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-19 20:34:42 +01:00
Roeland Jago Douma	9163790b7c	Set frame-ancestors to none if none are filled frame-ancestors doesn't fall back to default-src. So when we apply a very restricted CSP we should make sure to set it to 'none' and not leave it empty. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-18 10:13:36 +01:00
Roeland Jago Douma	fa6a790859	Remove deprecated OCSResponse Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-01 14:12:27 +01:00
Christoph Wurst	d9015a8c94	Format code to a single space around binary operators Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-05 20:25:24 +02:00
Julius Härtl	8ab2422b6c	Add acutal response to BeforeTemplateRenderedEvent Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-09-24 20:00:23 +02:00
Roeland Jago Douma	b5e9f7e846	Merge pull request #22432 from nextcloud/enh/phpdoc Add php docs build script	2020-08-26 21:18:11 +02:00
Julius Härtl	45a474071e	Remove @package annotations from public namespace Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-26 16:59:40 +02:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Joas Schilling	35a8519591	Fix CS Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:36 +02:00
Joas Schilling	e66bc4a8a7	Send "429 Too Many Requests" in case of brute force protection Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:35 +02:00
Morris Jobke	0581356169	Merge pull request #22097 from nextcloud/enh/noid/empty-template Add empty renderAs template	2020-08-05 11:42:29 +02:00
Julius Härtl	b51746212e	Add base renderAs template Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-04 09:48:43 +02:00
Julius Härtl	e1b696929f	Move NotFoundResponse to a proper TemplateResponse Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-07-24 08:58:14 +02:00
Joas Schilling	49970639fa	Add constants for the magic strings of template rendering Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-16 15:47:28 +02:00
Morris Jobke	c4b53538af	Better event description for BeforeTemplateRenderedEvent in files and files_sharing Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-15 20:15:51 +02:00
Roeland Jago Douma	7d7ba61625	Add real events to load additionalscripts Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-07-15 14:07:18 +02:00
Joas Schilling	b7060be18d	Fix robots "noindex, nofollow" signals Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-06-25 08:29:43 +02:00
Roeland Jago Douma	fbf9772a3e	Allow to specify the cookie type for appframework responses In general it is good to set them to Lax. But also to give devs more control over them is not a bad thing. Helps with #21474 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-06-22 08:38:44 +02:00
Roeland Jago Douma	4fbea316a7	Merge pull request #20897 from nextcloud/bugfix/httpcache Proxy server could cache http response when it is not private	2020-05-13 08:27:05 +02:00
Clement Wong	e9be3a9090	Add public argument to Http cacheFor() Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 20:24:14 +02:00
Clement Wong	401210d259	Proxy server could cache http response when it is not private Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 11:24:08 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +02:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00

1 2 3

127 commits