upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-22 23:03:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 78
nextcloud/apps/files/ajax
History
Lukas Reschke 6eeb905871 Do only follow HTTP and HTTPS redirects 
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
..
delete.php kill OC::$session 2014-08-29 10:22:21 +02:00
download.php kill OC::$session 2014-08-29 10:22:21 +02:00
getstoragestats.php kill OC::$session 2014-08-29 10:22:21 +02:00
list.php Use public api for getting l10n 2014-08-31 10:08:22 +02:00
mimeicon.php kill OC::$session 2014-08-29 10:22:21 +02:00
move.php Catch exceptions when moving files 2014-09-05 14:54:06 +02:00
newfile.php Do only follow HTTP and HTTPS redirects 2014-09-22 20:02:32 +02:00
newfolder.php Use public api for getting l10n 2014-08-31 10:08:22 +02:00
rename.php Use public api for getting l10n 2014-08-31 10:08:22 +02:00
scan.php Merge pull request #10922 from owncloud/explicit-scan-transactions 2014-09-09 23:32:32 +02:00
upload.php Use public api for getting l10n 2014-08-31 10:08:22 +02:00