nextcloud/apps/dav
Micke Nordin db96073459 fix(auth): confine OCM access token to the masked share endpoint
Gate the temporary-token bearer auth behind an allowOcmAccessToken flag
that only the public, share-masked webdav endpoints set, and drop the
BearerAuth backend from the CalDAV/CardDAV entrypoints. The token is now
honored only on /public.php/webdav, where per-share masking applies.

Assisted-by: ClaudeCode:claude-fable-5

Signed-off-by: Micke Nordin <kano@sunet.se>
2026-07-07 13:56:32 +02:00
..
appinfo fix(auth): confine OCM access token to the masked share endpoint 2026-07-07 13:56:32 +02:00
composer fix(caldav-delegation): send notification to delegator 2026-06-02 17:16:20 +02:00
css chore: adjust stylesheets to new codestyle 2025-05-31 16:02:40 +02:00
img chore: Add SPDX header 2024-05-28 14:41:28 +02:00
l10n fix(l10n): Update translations from Transifex 2026-07-04 00:22:53 +00:00
lib fix(auth): confine OCM access token to the masked share endpoint 2026-07-07 13:56:32 +02:00
src fix(dav): Always show example content section 2026-07-03 00:40:59 +02:00
templates refactor(dav): migrate Settings frontend to Vue 3 2025-10-23 05:21:46 +02:00
tests fix(auth): confine OCM access token to the masked share endpoint 2026-07-07 13:56:32 +02:00
.gitignore chore: Add SPDX header 2024-05-28 14:41:28 +02:00
.l10nignore chore: Add SPDX header 2024-05-28 14:41:28 +02:00
openapi.json feat(recent-files): add nc:last_activity property to allow sorting by max between upload_time and mtime 2026-03-24 15:15:34 -03:00
openapi.json.license chore: Add SPDX header 2024-05-28 14:41:28 +02:00