upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-21 06:08:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
76408 commits 857 branches 1195 tags 7.2 GiB
Commit graph

14795 commits

Author SHA1 Message Date
Robin Appelman
e2bff39f73 fix: mark systemconfig value as not being tainted because they are implicitly trusted 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
b2645590ce fix: implement sharding compatible cleanup for various bits 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
dc5f0f5fb7 fix: fix share cleanup for deleted groups with sharding 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
0e40fa4fa5 fix: run mimetype repair query across all shards 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
693ee5ea0f fix: hint storage id in more places 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
3e5193957b fix: only allow pre-defined shards 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
82d7eaf80a feat: implement distributing partitioned queries over multiple shards 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
4ec53e723e feat: add option to automatically partition queries by specific tables 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
8f57d46a0b fix: delay calculating global cache prefix untill a cache is created 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
b1744e70a5 fix: don't make ICacheFactory depend on database 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Robin Appelman
8eaddbc038 feat: track expected output columns in query builder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-28 14:54:14 +02:00
Stephan Orbaugh
0d690ee11d
Merge pull request #47398 from nextcloud/backport/47259/stable30 
[stable30] feat: add negative compare-and-delete to imemcache
 2024-08-28 14:54:00 +02:00
Andy Scherzinger
1fcb0a3823
Merge pull request #47542 from nextcloud/backport/47522/stable30 
[stable30] [TaskProcessing] Add manager::runTask method
 2024-08-28 13:39:51 +02:00
Andy Scherzinger
30d0d08134
Merge pull request #47533 from nextcloud/backport/47509/stable30 
[stable30] fix: gracefully handle unexpected exif orientation types
 2024-08-28 13:11:42 +02:00
Maxence Lange
5df51dbc73 fix(setup): ignore long session login during installation 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-08-27 19:14:03 +00:00
Julien Veyssier
cc78ff94a2 fix(taskprocessing): fix condition to reschedule SynchronousBackgroundJob 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-08-27 15:55:16 +00:00
Julien Veyssier
47b2175c86 feat(taskprocessing): add IManager::runTask method to run task synchronously 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-08-27 15:55:16 +00:00
Richard Steinmetz
3a9e33124b fix: gracefully handle unexpected exif orientation types 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2024-08-27 14:05:00 +00:00
provokateurin
c0f89e8b5f fix(Router): Load attribute routes of all apps when not app is specified 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-08-27 10:51:52 +00:00
Christoph Klaffl
2863af448a fix call to custom mail_template_class 
Signed-off-by: Christoph Klaffl <christoph@phreaker.eu>
 2024-08-26 06:59:31 +00:00
Robin Appelman
3e35e62f6b feat: add negative compare-and-delete to imemcache 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-23 11:37:57 +00:00
Ferdinand Thiessen
1e49c83556 fix: FilenameValidator::isForbidden should only check forbidden files 
And not forbidden basenames as this is used for different purposes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-22 08:51:58 +02:00
Andy Scherzinger
e87b559939
Merge pull request #47283 from nextcloud/backport/47038/stable30 
[stable30] fix: check for correct storage class when checking for link parent
 2024-08-21 21:59:22 +02:00
John Molakvoæ
28af5012a2
Merge pull request #47391 from nextcloud/backport/47371/stable30 2024-08-21 16:29:51 +02:00
Ferdinand Thiessen
655b318b23 fix: Support Safari mobile 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-21 12:33:53 +00:00
Ferdinand Thiessen
a67d98c31e fix: Disable auto-zoom on iOS 
When using iOS and focussing an input element the view should not be zoomed.
So if we set a maximum scale iOS will not auto-zoom but still allow users to zoom.
But we can not do this by default as this will disable user zoom on Chrome.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-21 12:33:53 +00:00
Joas Schilling
71c0b0053c fix(theming): Make getImage() call save against missing non-SVG version 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-08-21 13:19:29 +02:00
Robin Appelman
fff198657f fix: use mountpoint from storage to find the encryption keys 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-20 14:24:43 +00:00
Robin Appelman
ece54cf956 feat: store the mountpoint of storages in the mount options 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-20 14:24:43 +00:00
Robin Appelman
9791fa278f fix: check for correct storage class when checking for link parent 
fixes #39123

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-16 15:17:07 +00:00
S1m
b7bf8ec3c5
feat(webauthn): Add user verification to webauthn challenges 
Require user verification if all tokens are registered

with UV flag, else discourage it

Signed-off-by: S1m <git@sgougeon.fr>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2024-08-15 11:52:40 +02:00
Christoph Wurst
7641e768b3
Merge pull request #45435 from nextcloud/feat/dav/upcoming-events-api 
feat(dav): Add an API for upcoming events
 2024-08-14 06:54:43 +02:00
Christoph Wurst
370a9d77ea
feat(dav): Add an API for upcoming events 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-13 20:03:31 +02:00
Ferdinand Thiessen
3e409fd342
Merge pull request #43573 from nextcloud/HolgerHees-fix-csp-nonce-handling 
Fix for ignored `CSP_NONCE` in ContentSecurity Header
 2024-08-13 17:53:30 +02:00
Christoph Wurst
5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-13 12:39:11 +02:00
Côme Chilliet
142b6e313f
Merge pull request #47180 from nextcloud/fix/apply-group-limit-on-remove-from-group 
Apply group limit on remove from group
 2024-08-13 12:20:48 +02:00
Ferdinand Thiessen
2916e5df7e
feat: Provide CSP nonce as <meta> element 
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 10:32:44 +02:00
Ferdinand Thiessen
86f01a3358
fix: Make sure CSP nonce is not double base64 encoded 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 09:52:33 +02:00
Holger Hees
73397cd759
fix: Use CSP_NONCE env variable in ContentSecurity Header 
We should use 'cspNonceManager' for requesting the NONCE value, because it is doing the same as before, except that it honors a CPS_NONCE environment variable if available.

Signed-off-by: Holger Hees <holger.hees@gmail.com>
 2024-08-13 09:52:08 +02:00
Côme Chilliet
e23325f047
fix: Remove shares only if there are no more common groups between users 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-12 15:20:21 +02:00
Louis Chemineau
5559beb28c
fix(files_sharing): Delete user shares if needed when user is removed from a group 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-08-12 14:41:19 +02:00
Julien Veyssier
dbab2a825d
fix(taskprocessing): select preferred provider when running sync task, fix task type values according to preferred provider 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-08-12 13:11:41 +02:00
Ferdinand Thiessen
0563757ea4 fix(SetupCheck): Properly check public access to data directory 
When checking for public (web) access to the data directory the status is not enough
as you might have a webserver that forwards to e.g. a login page.
So instead check that the content of the file matches.

For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content
to allow checking.

¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-08 22:08:42 +02:00
Andy Scherzinger
609fa7d5db
Merge pull request #47044 from nextcloud/fix/accept-several-mounts-in-encryption 
fix(encryption): Fix mountpoint check to accept if several are found
 2024-08-07 20:58:19 +02:00
Robin Appelman
495f454b6f
Merge pull request #46395 from nextcloud/apcu-default-ttl 
fix: set default TTL for APCu cache as per docs
 2024-08-07 20:16:02 +02:00
Robin Appelman
cae0a8218d
chore: remove Redis::DEFAULT_TTL constant now that it's defined in the interface 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-07 19:41:44 +02:00
Robin Appelman
b19652a2ad
chore: cleanup acpu inc and dec 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-07 19:41:43 +02:00
Robin Appelman
cd9cc01b77
fix: set default TTL for APCu cache as per docs 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-07 19:41:41 +02:00
Maxence Lange
3ffcfb1dab
Merge pull request #47069 from nextcloud/fix/noid/display-message-on-no-migration-attributes 
fix(migration-preview): display a message if no attributes set
 2024-08-07 11:48:20 -01:00
Christoph Wurst
2b38d6ae7e
fix(session): Log when session_* calls are slow 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-07 09:02:10 +02:00