upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-11 20:16:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
nextcloud/lib/private/user
History
Lukas Reschke 6eeb905871 Do only follow HTTP and HTTPS redirects 
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
..
backend.php Remove all occurences of @brief and @returns from PHPDoc 2014-05-19 17:50:53 +02:00
database.php retrieve local users, groups and group members in a sorted way 2014-08-29 15:17:37 +02:00
dummy.php loop over usernames, not passwords 2014-06-30 20:43:50 +02:00
example.php Remove all occurences of @brief and @returns from PHPDoc 2014-05-19 17:50:53 +02:00
http.php Do only follow HTTP and HTTPS redirects 2014-09-22 20:02:32 +02:00
interface.php Remove all occurences of @brief and @returns from PHPDoc 2014-05-19 17:50:53 +02:00
manager.php Use public api for getting l10n 2014-08-31 10:08:22 +02:00
session.php Use proper RNG generator 2014-09-03 17:46:48 +02:00
user.php - adding default value for $recoveryPassword 2014-07-24 12:50:39 +02:00