From b060a17b59f7117a670f09550215cb005dd822bc Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Wed, 19 Feb 2014 19:08:28 +0100 Subject: [PATCH 01/22] Added extra checks for ext storage class --- apps/files_external/lib/config.php | 8 +++++++- apps/files_external/tests/mountconfig.php | 25 +++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php index 94dc5fb7ad8..cd3e7f3a4a6 100755 --- a/apps/files_external/lib/config.php +++ b/apps/files_external/lib/config.php @@ -277,15 +277,21 @@ class OC_Mount_Config { $mountType, $applicable, $isPersonal = false) { + $backends = self::getBackends(); $mountPoint = OC\Files\Filesystem::normalizePath($mountPoint); if ($mountPoint === '' || $mountPoint === '/' || $mountPoint == '/Shared') { // can't mount at root or "Shared" folder return false; } + + if (!isset($backends[$class])) { + // invalid backend + return false; + } if ($isPersonal) { // Verify that the mount point applies for the current user // Prevent non-admin users from mounting local storage - if ($applicable != OCP\User::getUser() || $class == '\OC\Files\Storage\Local') { + if ($applicable !== OCP\User::getUser() || strtolower($class) === '\oc\files\storage\local') { return false; } $mountPoint = '/'.$applicable.'/files/'.ltrim($mountPoint, '/'); diff --git a/apps/files_external/tests/mountconfig.php b/apps/files_external/tests/mountconfig.php index 941aec680bb..24ebcf51346 100644 --- a/apps/files_external/tests/mountconfig.php +++ b/apps/files_external/tests/mountconfig.php @@ -48,4 +48,29 @@ class Test_Mount_Config extends \PHPUnit_Framework_TestCase { $this->assertEquals(false, OC_Mount_Config::addMountPoint('/Shared', $storageClass, array(), $mountType, $applicable, $isPersonal)); } + + public function testAddMountPointSingleUser() { + \OC_User::setUserId('test'); + $mountType = 'user'; + $applicable = 'test'; + $isPersonal = true; + // local + $this->assertEquals(false, OC_Mount_Config::addMountPoint('/ext', '\OC\Files\storage\local', array(), $mountType, $applicable, $isPersonal)); + // non-local + // FIXME: can't test this yet as the class (write operation) is not mockable + // $this->assertEquals(true, OC_Mount_Config::addMountPoint('/ext', '\OC\Files\Storage\SFTP', array(), $mountType, $applicable, $isPersonal)); + + } + + public function testAddMountPointUnexistClass() { + \OC_User::setUserId('test'); + $storageClass = 'Unexist_Storage'; + $mountType = 'user'; + $applicable = 'test'; + $isPersonal = true; + // local + // non-local + $this->assertEquals(false, OC_Mount_Config::addMountPoint('/ext', $storageClass, array(), $mountType, $applicable, $isPersonal)); + + } } From 3ce77a35e5eeb22b580e243e50a2daeba761d7fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 10:42:54 +0100 Subject: [PATCH 02/22] fixing js syntax error --- core/js/tags.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/core/js/tags.js b/core/js/tags.js index 16dd3d4bf97..bc6d7b4e071 100644 --- a/core/js/tags.js +++ b/core/js/tags.js @@ -25,11 +25,11 @@ OC.Tags= { }); self.deleteButton = { text: t('core', 'Delete'), - click: function() {self._deleteTags(self, type, self._selectedIds())}, + click: function() {self._deleteTags(self, type, self._selectedIds())} }; self.addButton = { text: t('core', 'Add'), - click: function() {self._addTag(self, type, self.$taginput.val())}, + click: function() {self._addTag(self, type, self.$taginput.val())} }; self._fillTagList(type, self.$taglist); @@ -349,5 +349,5 @@ OC.Tags= { console.warn(response); }); } -} +}; From bf22ed7bdbb4289253a85fe423b99d4f96a57fba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 13:10:56 +0100 Subject: [PATCH 03/22] kill old minimizer code --- .htaccess | 1 - core/routes.php | 3 -- lib/base.php | 26 +++----------- lib/private/minimizer.php | 64 ----------------------------------- lib/private/minimizer/css.php | 38 --------------------- lib/private/minimizer/js.php | 21 ------------ 6 files changed, 4 insertions(+), 149 deletions(-) delete mode 100644 lib/private/minimizer.php delete mode 100644 lib/private/minimizer/css.php delete mode 100644 lib/private/minimizer/js.php diff --git a/.htaccess b/.htaccess index 4ba5095e144..fef8c4fb8d0 100755 --- a/.htaccess +++ b/.htaccess @@ -26,7 +26,6 @@ RewriteRule ^.well-known/carddav /remote.php/carddav/ [R] RewriteRule ^.well-known/caldav /remote.php/caldav/ [R] RewriteRule ^apps/calendar/caldav.php remote.php/caldav/ [QSA,L] RewriteRule ^apps/contacts/carddav.php remote.php/carddav/ [QSA,L] -RewriteRule ^apps/([^/]*)/(.*\.(php))$ index.php?app=$1&getfile=$2 [QSA,L] RewriteRule ^remote/(.*) remote.php [QSA,L] diff --git a/core/routes.php b/core/routes.php index f8454877e03..aea788bdc6b 100644 --- a/core/routes.php +++ b/core/routes.php @@ -100,9 +100,6 @@ $this->create('core_avatar_post_cropped', '/avatar/cropped') ->action('OC\Core\Avatar\Controller', 'postCroppedAvatar'); // Not specifically routed -$this->create('app_css', '/apps/{app}/{file}') - ->requirements(array('file' => '.*.css')) - ->action('OC', 'loadCSSFile'); $this->create('app_index_script', '/apps/{app}/') ->defaults(array('file' => 'index.php')) //->requirements(array('file' => '.*.php')) diff --git a/lib/base.php b/lib/base.php index a5f064bdb4b..b39a96f331f 100644 --- a/lib/base.php +++ b/lib/base.php @@ -284,10 +284,10 @@ class OC { if (self::needUpgrade()) { if ($showTemplate && !OC_Config::getValue('maintenance', false)) { OC_Config::setValue('theme', ''); - $minimizerCSS = new OC_Minimizer_CSS(); - $minimizerCSS->clearCache(); - $minimizerJS = new OC_Minimizer_JS(); - $minimizerJS->clearCache(); +// $minimizerCSS = new OC_Minimizer_CSS(); +// $minimizerCSS->clearCache(); +// $minimizerJS = new OC_Minimizer_JS(); +// $minimizerJS->clearCache(); OC_Util::addScript('config'); // needed for web root OC_Util::addScript('update'); $tmpl = new OC_Template('', 'update.admin', 'guest'); @@ -724,11 +724,6 @@ class OC { $app = OC::$REQUESTEDAPP; $file = OC::$REQUESTEDFILE; $param = array('app' => $app, 'file' => $file); - // Handle app css files - if (substr($file, -3) == 'css') { - self::loadCSSFile($param); - return; - } // Handle redirect URL for logged in users if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { @@ -795,19 +790,6 @@ class OC { return false; } - public static function loadCSSFile($param) { - $app = $param['app']; - $file = $param['file']; - $app_path = OC_App::getAppPath($app); - if (file_exists($app_path . '/' . $file)) { - $app_web_path = OC_App::getAppWebPath($app); - $filepath = $app_web_path . '/' . $file; - $minimizer = new OC_Minimizer_CSS(); - $info = array($app_path, $app_web_path, $file); - $minimizer->output(array($info), $filepath); - } - } - protected static function handleLogin() { OC_App::loadApps(array('prelogin')); $error = array(); diff --git a/lib/private/minimizer.php b/lib/private/minimizer.php deleted file mode 100644 index db522de74dc..00000000000 --- a/lib/private/minimizer.php +++ /dev/null @@ -1,64 +0,0 @@ -contentType); - OC_Response::enableCaching(); - $etag = $this->generateETag($files); - $cache_key .= '-'.$etag; - - $gzout = false; - $cache = OC_Cache::getGlobalCache(); - if (!OC_Request::isNoCache() && (!defined('DEBUG') || !DEBUG)) { - OC_Response::setETagHeader($etag); - $gzout = $cache->get($cache_key.'.gz'); - } - - if (!$gzout) { - $out = $this->minimizeFiles($files); - $gzout = gzencode($out); - $cache->set($cache_key.'.gz', $gzout); - OC_Response::setETagHeader($etag); - } - // on some systems (e.g. SLES 11, but not Ubuntu) mod_deflate and zlib compression will compress the output twice. - // This results in broken core.css and core.js. To avoid it, we switch off zlib compression. - // Since mod_deflate is still active, Apache will compress what needs to be compressed, i.e. no disadvantage. - if(function_exists('apache_get_modules') && ini_get('zlib.output_compression') && in_array('mod_deflate', apache_get_modules())) { - ini_set('zlib.output_compression', 'Off'); - } - if ($encoding = OC_Request::acceptGZip()) { - header('Content-Encoding: '.$encoding); - $out = $gzout; - } else { - $out = gzdecode($gzout); - } - header('Content-Length: '.strlen($out)); - echo $out; - } - - public function clearCache() { - $cache = OC_Cache::getGlobalCache(); - $cache->clear('core.css'); - $cache->clear('core.js'); - } -} - -if (!function_exists('gzdecode')) { - function gzdecode($data, $maxlength=null, &$filename='', &$error='') - { - if (strcmp(substr($data, 0, 9),"\x1f\x8b\x8\0\0\0\0\0\0")) { - return null; // Not the GZIP format we expect (See RFC 1952) - } - return gzinflate(substr($data, 10, -8)); - } -} diff --git a/lib/private/minimizer/css.php b/lib/private/minimizer/css.php deleted file mode 100644 index 8d130572e2b..00000000000 --- a/lib/private/minimizer/css.php +++ /dev/null @@ -1,38 +0,0 @@ - Date: Thu, 20 Feb 2014 13:23:24 +0100 Subject: [PATCH 04/22] kill references to core.js and core.css --- core/minimizer.php | 15 --------------- lib/private/setup.php | 2 -- 2 files changed, 17 deletions(-) delete mode 100644 core/minimizer.php diff --git a/core/minimizer.php b/core/minimizer.php deleted file mode 100644 index eeeddf86a81..00000000000 --- a/core/minimizer.php +++ /dev/null @@ -1,15 +0,0 @@ -output($files, $service); -} -else if ($service == 'core.js') { - $minimizer = new OC_Minimizer_JS(); - $files = OC_TemplateLayout::findJavascriptFiles(OC_Util::$coreScripts); - $minimizer->output($files, $service); -} diff --git a/lib/private/setup.php b/lib/private/setup.php index 17ef75bc7b5..7bf75be0165 100644 --- a/lib/private/setup.php +++ b/lib/private/setup.php @@ -97,8 +97,6 @@ class OC_Setup { $appConfig = \OC::$server->getAppConfig(); $appConfig->setValue('core', 'installedat', microtime(true)); $appConfig->setValue('core', 'lastupdatedat', microtime(true)); - $appConfig->setValue('core', 'remote_core.css', '/core/minimizer.php'); - $appConfig->setValue('core', 'remote_core.js', '/core/minimizer.php'); OC_Group::createGroup('admin'); OC_Group::addToGroup($username, 'admin'); From 328428e40a17779199da065086307060799d0575 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 13:26:23 +0100 Subject: [PATCH 05/22] reference 3rdparty branch add-assetic --- 3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty b/3rdparty index 7c2c94c904c..f776a03d060 160000 --- a/3rdparty +++ b/3rdparty @@ -1 +1 @@ -Subproject commit 7c2c94c904c2721763e97d5bafd115f863080a60 +Subproject commit f776a03d06088cd64cdc94aa61834ba358ad36f5 From 7242d00aa6cbf1b0fda0bfeb4392263d909cc3e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 13:27:46 +0100 Subject: [PATCH 06/22] enable static delivery of css files --- lib/private/template/cssresourcelocator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/template/cssresourcelocator.php b/lib/private/template/cssresourcelocator.php index 8e7831ca549..e26daa25827 100644 --- a/lib/private/template/cssresourcelocator.php +++ b/lib/private/template/cssresourcelocator.php @@ -22,7 +22,7 @@ class CSSResourceLocator extends ResourceLocator { $app = substr($style, 0, strpos($style, '/')); $style = substr($style, strpos($style, '/')+1); $app_path = \OC_App::getAppPath($app); - $app_url = $this->webroot . '/index.php/apps/' . $app; + $app_url = \OC_App::getAppWebPath($app); if ($this->appendIfExist($app_path, $style.$this->form_factor.'.css', $app_url) || $this->appendIfExist($app_path, $style.'.css', $app_url) ) { From 8cf73ca42fd3e2d362a75e11a0f3ac1ae0ab3a34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 13:28:27 +0100 Subject: [PATCH 07/22] integrate assetic for asset pipeline-ing --- config/config.sample.php | 3 + lib/private/templatelayout.php | 113 +++++++++++++++++++++++++-------- 2 files changed, 91 insertions(+), 25 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 0cd321d095d..4e8bd79d797 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -263,4 +263,7 @@ $CONFIG = array( /* whether usage of the instance should be restricted to admin users only */ 'singleuser' => false, + + /* all css and js files will be served by the web server statically in one js file and ons css file*/ + 'asset-pipeline.enabled' => false, ); diff --git a/lib/private/templatelayout.php b/lib/private/templatelayout.php index 7bca5bc4836..af17adb11c6 100644 --- a/lib/private/templatelayout.php +++ b/lib/private/templatelayout.php @@ -1,4 +1,11 @@ * This file is licensed under the Affero General Public License version 3 or @@ -57,35 +64,38 @@ class OC_TemplateLayout extends OC_Template { } else { parent::__construct('core', 'layout.base'); } + $versionParameter = '?v=' . md5(implode(OC_Util::getVersion())); - // Add the js files - $jsfiles = self::findJavascriptFiles(OC_Util::$scripts); - $this->assign('jsfiles', array(), false); - if (OC_Config::getValue('installed', false) && $renderas!='error') { + $useAssetPipeline = OC_Config::getValue('asset-pipeline.enabled', false); + if ($useAssetPipeline) { + $this->append( 'jsfiles', OC_Helper::linkToRoute('js_config') . $versionParameter); - } - if (!empty(OC_Util::$coreScripts)) { - $this->append( 'jsfiles', OC_Helper::linkToRemoteBase('core.js', false) . $versionParameter); - } - foreach($jsfiles as $info) { - $root = $info[0]; - $web = $info[1]; - $file = $info[2]; - $this->append( 'jsfiles', $web.'/'.$file . $versionParameter); - } - // Add the css files - $cssfiles = self::findStylesheetFiles(OC_Util::$styles); - $this->assign('cssfiles', array()); - if (!empty(OC_Util::$coreStyles)) { - $this->append( 'cssfiles', OC_Helper::linkToRemoteBase('core.css', false) . $versionParameter); - } - foreach($cssfiles as $info) { - $root = $info[0]; - $web = $info[1]; - $file = $info[2]; + $this->generateAssets(); - $this->append( 'cssfiles', $web.'/'.$file . $versionParameter); + } else { + + // Add the js files + $jsfiles = self::findJavascriptFiles(OC_Util::$scripts); + $this->assign('jsfiles', array(), false); + if (OC_Config::getValue('installed', false) && $renderas!='error') { + $this->append( 'jsfiles', OC_Helper::linkToRoute('js_config') . $versionParameter); + } + foreach($jsfiles as $info) { + $web = $info[1]; + $file = $info[2]; + $this->append( 'jsfiles', $web.'/'.$file . $versionParameter); + } + + // Add the css files + $cssfiles = self::findStylesheetFiles(OC_Util::$styles); + $this->assign('cssfiles', array()); + foreach($cssfiles as $info) { + $web = $info[1]; + $file = $info[2]; + + $this->append( 'cssfiles', $web.'/'.$file . $versionParameter); + } } } @@ -116,4 +126,57 @@ class OC_TemplateLayout extends OC_Template { $locator->find($scripts); return $locator->getResources(); } + + public function generateAssets() + { + $jsFiles = self::findJavascriptFiles(OC_Util::$scripts); + $jsHash = self::hashScriptNames($jsFiles); + + if (!file_exists("assets/$jsHash.js")) { + $jsFiles = array_map(function ($item) { + $root = $item[0]; + $file = $item[2]; + return new FileAsset($root . '/' . $file, array(), $root, $file); + }, $jsFiles); + $jsCollection = new AssetCollection($jsFiles); + $jsCollection->setTargetPath("assets/$jsHash.js"); + + $writer = new AssetWriter(\OC::$SERVERROOT); + $writer->writeAsset($jsCollection); + } + + $cssFiles = self::findStylesheetFiles(OC_Util::$styles); + $cssHash = self::hashScriptNames($cssFiles); + + if (!file_exists("assets/$cssHash.css")) { + $cssFiles = array_map(function ($item) { + $root = $item[0]; + $file = $item[2]; + $assetPath = $root . '/' . $file; + $sourceRoot = \OC::$SERVERROOT; + $sourcePath = substr($assetPath, strlen(\OC::$SERVERROOT)); + return new FileAsset($assetPath, array(new CssRewriteFilter()), $sourceRoot, $sourcePath); + }, $cssFiles); + $cssCollection = new AssetCollection($cssFiles); + $cssCollection->setTargetPath("assets/$cssHash.css"); + + $writer = new AssetWriter(\OC::$SERVERROOT); + $writer->writeAsset($cssCollection); + } + + $this->append('jsfiles', OC_Helper::linkTo('assets', "$jsHash.js")); + $this->append('cssfiles', OC_Helper::linkTo('assets', "$cssHash.css")); + } + + private static function hashScriptNames($files) + { + $files = array_map(function ($item) { + $root = $item[0]; + $file = $item[2]; + return $root . '/' . $file; + }, $files); + + sort($files); + return hash('md5', implode('', $files)); + } } From 2955d9b48372c5ff8d364757cca94508441c1be1 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Thu, 20 Feb 2014 13:54:05 +0100 Subject: [PATCH 08/22] Indentation --- config/config.sample.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 4e8bd79d797..d4cccd3443d 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -264,6 +264,6 @@ $CONFIG = array( /* whether usage of the instance should be restricted to admin users only */ 'singleuser' => false, - /* all css and js files will be served by the web server statically in one js file and ons css file*/ - 'asset-pipeline.enabled' => false, +/* all css and js files will be served by the web server statically in one js file and ons css file*/ +'asset-pipeline.enabled' => false, ); From a0e790227e2fe9c33930bfe4259a7ddfb3de585f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 14:10:09 +0100 Subject: [PATCH 09/22] remove unused functions - have been introduced with the old minimizer approach --- lib/private/request.php | 27 --------------------------- 1 file changed, 27 deletions(-) diff --git a/lib/private/request.php b/lib/private/request.php index 0fd20b3cc1f..d0128f95d96 100755 --- a/lib/private/request.php +++ b/lib/private/request.php @@ -179,33 +179,6 @@ class OC_Request { } } - /** - * @brief Check if this is a no-cache request - * @return boolean true for no-cache - */ - static public function isNoCache() { - if (!isset($_SERVER['HTTP_CACHE_CONTROL'])) { - return false; - } - return $_SERVER['HTTP_CACHE_CONTROL'] == 'no-cache'; - } - - /** - * @brief Check if the requestor understands gzip - * @return false|string true for gzip encoding supported - */ - static public function acceptGZip() { - if (!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) { - return false; - } - $HTTP_ACCEPT_ENCODING = $_SERVER["HTTP_ACCEPT_ENCODING"]; - if( strpos($HTTP_ACCEPT_ENCODING, 'x-gzip') !== false ) - return 'x-gzip'; - else if( strpos($HTTP_ACCEPT_ENCODING, 'gzip') !== false ) - return 'gzip'; - return false; - } - /** * @brief Check if the requester sent along an mtime * @return false or an mtime From 01929096fed3be1689e7b0e53ab4b6a49791901f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 14:10:35 +0100 Subject: [PATCH 10/22] revert wrong change to .htaccess --- .htaccess | 1 + 1 file changed, 1 insertion(+) diff --git a/.htaccess b/.htaccess index fef8c4fb8d0..4ba5095e144 100755 --- a/.htaccess +++ b/.htaccess @@ -26,6 +26,7 @@ RewriteRule ^.well-known/carddav /remote.php/carddav/ [R] RewriteRule ^.well-known/caldav /remote.php/caldav/ [R] RewriteRule ^apps/calendar/caldav.php remote.php/caldav/ [QSA,L] RewriteRule ^apps/contacts/carddav.php remote.php/carddav/ [QSA,L] +RewriteRule ^apps/([^/]*)/(.*\.(php))$ index.php?app=$1&getfile=$2 [QSA,L] RewriteRule ^remote/(.*) remote.php [QSA,L] From fbea02bebb561f7a76a876065066c9face6e484e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 20 Feb 2014 14:18:01 +0100 Subject: [PATCH 11/22] kill $coreStyles and $coreScripts --- lib/base.php | 4 ---- lib/private/app.php | 11 ----------- lib/private/util.php | 2 -- 3 files changed, 17 deletions(-) diff --git a/lib/base.php b/lib/base.php index b39a96f331f..b3911094dbf 100644 --- a/lib/base.php +++ b/lib/base.php @@ -284,10 +284,6 @@ class OC { if (self::needUpgrade()) { if ($showTemplate && !OC_Config::getValue('maintenance', false)) { OC_Config::setValue('theme', ''); -// $minimizerCSS = new OC_Minimizer_CSS(); -// $minimizerCSS->clearCache(); -// $minimizerJS = new OC_Minimizer_JS(); -// $minimizerJS->clearCache(); OC_Util::addScript('config'); // needed for web root OC_Util::addScript('update'); $tmpl = new OC_Template('', 'update.admin', 'guest'); diff --git a/lib/private/app.php b/lib/private/app.php index 47f983cce35..048d4d4aeb1 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -69,17 +69,6 @@ class OC_App{ } ob_end_clean(); - if (!defined('DEBUG') || !DEBUG) { - if (is_null($types) - && empty(OC_Util::$coreScripts) - && empty(OC_Util::$coreStyles)) { - OC_Util::$coreScripts = OC_Util::$scripts; - OC_Util::$scripts = array(); - OC_Util::$coreStyles = OC_Util::$styles; - OC_Util::$styles = array(); - } - } - // return return true; } diff --git a/lib/private/util.php b/lib/private/util.php index b7856436527..b39304c485c 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -11,8 +11,6 @@ class OC_Util { public static $headers=array(); private static $rootMounted=false; private static $fsSetup=false; - public static $coreStyles=array(); - public static $coreScripts=array(); /** * @brief Can be set up From daf28225b7da283763ec84930608e154f49dee46 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 20 Feb 2014 18:42:59 +0100 Subject: [PATCH 12/22] fix viewport size on windows phone --- core/js/js.js | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/core/js/js.js b/core/js/js.js index d4d2583f1e5..c7024430aa7 100644 --- a/core/js/js.js +++ b/core/js/js.js @@ -987,6 +987,17 @@ OC.set=function(name, value) { context[tail]=value; }; +// fix device width on windows phone +(function() { + if ("-ms-user-select" in document.documentElement.style && navigator.userAgent.match(/IEMobile\/10\.0/)) { + var msViewportStyle = document.createElement("style"); + msViewportStyle.appendChild( + document.createTextNode("@-ms-viewport{width:auto!important}") + ); + document.getElementsByTagName("head")[0].appendChild(msViewportStyle); + } +})(); + /** * select a range in an input field * @link http://stackoverflow.com/questions/499126/jquery-set-cursor-position-in-text-area From 2f6639875e88c54a95f94a28e2b0ffb18e1c3d1b Mon Sep 17 00:00:00 2001 From: Morris Jobke Date: Fri, 21 Feb 2014 10:58:05 +0100 Subject: [PATCH 13/22] ignore optional additional config files --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 25cb1b227f9..e61ec6f0359 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ /data /owncloud /config/config.php +/config/*.config.php /config/mount.php /apps/inc.php From cf7ef0d35686a4a418abab2c7ad798b56a9317a3 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 19 Feb 2014 16:56:37 +0100 Subject: [PATCH 14/22] fix sharing unit tests --- tests/lib/share/backend.php | 8 ++++---- tests/lib/share/share.php | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/lib/share/backend.php b/tests/lib/share/backend.php index 2f6c84678ff..420bd9d88b3 100644 --- a/tests/lib/share/backend.php +++ b/tests/lib/share/backend.php @@ -26,7 +26,7 @@ class Test_Share_Backend implements OCP\Share_Backend { const FORMAT_SOURCE = 0; const FORMAT_TARGET = 1; const FORMAT_PERMISSIONS = 2; - + private $testItem1 = 'test.txt'; private $testItem2 = 'share.txt'; @@ -57,11 +57,11 @@ class Test_Share_Backend implements OCP\Share_Backend { public function formatItems($items, $format, $parameters = null) { $testItems = array(); foreach ($items as $item) { - if ($format == self::FORMAT_SOURCE) { + if ($format === self::FORMAT_SOURCE) { $testItems[] = $item['item_source']; - } else if ($format == self::FORMAT_TARGET) { + } else if ($format === self::FORMAT_TARGET) { $testItems[] = $item['item_target']; - } else if ($format == self::FORMAT_PERMISSIONS) { + } else if ($format === self::FORMAT_PERMISSIONS) { $testItems[] = $item['permissions']; } } diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index a89f100d97a..b5cba9430aa 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -622,21 +622,21 @@ class Test_Share extends PHPUnit_Framework_TestCase { OC_User::setUserId($this->user1); $this->assertEquals( array('test.txt', 'test.txt'), - OCP\Share::getItemsShared('test', 'test.txt'), + OCP\Share::getItemsShared('test', Test_Share_Backend::FORMAT_SOURCE), 'Failed asserting that the test.txt file is shared exactly two times by user1.' ); OC_User::setUserId($this->user2); $this->assertEquals( array('test.txt'), - OCP\Share::getItemsShared('test', 'test.txt'), + OCP\Share::getItemsShared('test', Test_Share_Backend::FORMAT_SOURCE), 'Failed asserting that the test.txt file is shared exactly once by user2.' ); OC_User::setUserId($this->user3); $this->assertEquals( array('test.txt'), - OCP\Share::getItemsShared('test', 'test.txt'), + OCP\Share::getItemsShared('test', Test_Share_Backend::FORMAT_SOURCE), 'Failed asserting that the test.txt file is shared exactly once by user3.' ); From 6ca4d3bfde1c372937597bed2075ec9027944b60 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 6 Feb 2014 10:06:20 +0100 Subject: [PATCH 15/22] fix usersPath and add unit tests --- apps/files_sharing/lib/cache.php | 12 ++-- apps/files_sharing/tests/cache.php | 108 ++++++++++++++++++++++++++++- 2 files changed, 110 insertions(+), 10 deletions(-) diff --git a/apps/files_sharing/lib/cache.php b/apps/files_sharing/lib/cache.php index aadc54e4a7f..4b0da0b002d 100644 --- a/apps/files_sharing/lib/cache.php +++ b/apps/files_sharing/lib/cache.php @@ -131,19 +131,15 @@ class Shared_Cache extends Cache { foreach ($files as &$file) { $file['mimetype'] = $this->getMimetype($file['mimetype']); $file['mimepart'] = $this->getMimetype($file['mimepart']); + $file['usersPath'] = 'files/Shared/' . ltrim($file['path'], '/'); } return $files; } else { - if ($cache = $this->getSourceCache($folder)) { + $cache = $this->getSourceCache($folder); + if ($cache) { $sourceFolderContent = $cache->getFolderContents($this->files[$folder]); foreach ($sourceFolderContent as $key => $c) { - $ownerPathParts = explode('/', \OC_Filesystem::normalizePath($c['path'])); - $userPathParts = explode('/', \OC_Filesystem::normalizePath($folder)); - $usersPath = 'files/Shared/'.$userPathParts[1]; - foreach (array_slice($ownerPathParts, 3) as $part) { - $usersPath .= '/'.$part; - } - $sourceFolderContent[$key]['usersPath'] = $usersPath; + $sourceFolderContent[$key]['usersPath'] = 'files/Shared/' . $folder . '/' . $c['name']; } return $sourceFolderContent; diff --git a/apps/files_sharing/tests/cache.php b/apps/files_sharing/tests/cache.php index 56a51c83f6b..5e61eb86dd7 100644 --- a/apps/files_sharing/tests/cache.php +++ b/apps/files_sharing/tests/cache.php @@ -2,8 +2,9 @@ /** * ownCloud * - * @author Vincent Petry + * @author Vincent Petry, Bjoern Schiessle * @copyright 2014 Vincent Petry + * 2014 Bjoern Schiessle * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -23,13 +24,19 @@ require_once __DIR__ . '/base.php'; class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { + /** + * @var OC_FilesystemView + */ + public $user2View; + function setUp() { parent::setUp(); self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + $this->user2View = new \OC\Files\View('/'. self::TEST_FILES_SHARING_API_USER2 . '/files'); + // prepare user1's dir structure - $textData = "dummy file data\n"; $this->view->mkdir('container'); $this->view->mkdir('container/shareddir'); $this->view->mkdir('container/shareddir/subdir'); @@ -115,6 +122,103 @@ class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { $this->verifyFiles($check, $results); } + function testGetFolderContentsInRoot() { + $results = $this->user2View->getDirectoryContent('/Shared/'); + + $this->verifyFiles( + array( + array( + 'name' => 'shareddir', + 'path' => '/shareddir', + 'mimetype' => 'httpd/unix-directory', + 'usersPath' => 'files/Shared/shareddir' + ), + array( + 'name' => 'shared single file.txt', + 'path' => '/shared single file.txt', + 'mimetype' => 'text/plain', + 'usersPath' => 'files/Shared/shared single file.txt' + ), + ), + $results + ); + } + + function testGetFolderContentsInSubdir() { + //$results = $this->sharedStorage->getCache()->getFolderContents('shareddir'); + $results = $this->user2View->getDirectoryContent('/Shared/shareddir'); + + $this->verifyFiles( + array( + array( + 'name' => 'bar.txt', + 'path' => 'files/container/shareddir/bar.txt', + 'mimetype' => 'text/plain', + 'usersPath' => 'files/Shared/shareddir/bar.txt' + ), + array( + 'name' => 'emptydir', + 'path' => 'files/container/shareddir/emptydir', + 'mimetype' => 'httpd/unix-directory', + 'usersPath' => 'files/Shared/shareddir/emptydir' + ), + array( + 'name' => 'subdir', + 'path' => 'files/container/shareddir/subdir', + 'mimetype' => 'httpd/unix-directory', + 'usersPath' => 'files/Shared/shareddir/subdir' + ), + ), + $results + ); + } + + function testGetFolderContentsWhenSubSubdirShared() { + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + + $fileinfo = $this->view->getFileInfo('container/shareddir/subdir'); + \OCP\Share::shareItem('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, + self::TEST_FILES_SHARING_API_USER3, 31); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER3); + + $thirdView = new \OC\Files\View('/' . self::TEST_FILES_SHARING_API_USER3 . '/files'); + //list($this->sharedStorage, $internalPath) = $thirdView->resolvePath('files/Shared'); + $results = $thirdView->getDirectoryContent('/Shared/subdir'); + + $this->verifyFiles( + array( + array( + 'name' => 'another too.txt', + 'path' => 'files/container/shareddir/subdir/another too.txt', + //'path' => '/subdir/another too.txt', + 'mimetype' => 'text/plain', + 'usersPath' => 'files/Shared/subdir/another too.txt' + ), + array( + 'name' => 'another.txt', + 'path' => 'files/container/shareddir/subdir/another.txt', + //'path' => '/subdir/another.txt', + 'mimetype' => 'text/plain', + 'usersPath' => 'files/Shared/subdir/another.txt' + ), + array( + 'name' => 'not a text file.xml', + 'path' => 'files/container/shareddir/subdir/not a text file.xml', + //'path' => '/subdir/not a text file.xml', + 'mimetype' => 'application/xml', + 'usersPath' => 'files/Shared/subdir/not a text file.xml' + ), + ), + $results + ); + + self::loginHelper(self::TEST_FILES_SHARING_API_USER1); + + \OCP\Share::unshare('folder', $fileinfo['fileid'], \OCP\Share::SHARE_TYPE_USER, + self::TEST_FILES_SHARING_API_USER3); + } + /** * Checks that all provided attributes exist in the files list, * only the values provided in $examples will be used to check against From 0c0e4fced5fb64c814d8af1cf532b1ca42b49692 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 10 Feb 2014 14:50:04 +0100 Subject: [PATCH 16/22] fix test so that it doesn't depend on the array order --- apps/files_sharing/tests/cache.php | 39 +++++++++++++++++++----------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/apps/files_sharing/tests/cache.php b/apps/files_sharing/tests/cache.php index 5e61eb86dd7..a75e1860527 100644 --- a/apps/files_sharing/tests/cache.php +++ b/apps/files_sharing/tests/cache.php @@ -145,7 +145,6 @@ class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { } function testGetFolderContentsInSubdir() { - //$results = $this->sharedStorage->getCache()->getFolderContents('shareddir'); $results = $this->user2View->getDirectoryContent('/Shared/shareddir'); $this->verifyFiles( @@ -183,7 +182,6 @@ class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { self::loginHelper(self::TEST_FILES_SHARING_API_USER3); $thirdView = new \OC\Files\View('/' . self::TEST_FILES_SHARING_API_USER3 . '/files'); - //list($this->sharedStorage, $internalPath) = $thirdView->resolvePath('files/Shared'); $results = $thirdView->getDirectoryContent('/Shared/subdir'); $this->verifyFiles( @@ -191,21 +189,18 @@ class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { array( 'name' => 'another too.txt', 'path' => 'files/container/shareddir/subdir/another too.txt', - //'path' => '/subdir/another too.txt', 'mimetype' => 'text/plain', 'usersPath' => 'files/Shared/subdir/another too.txt' ), array( 'name' => 'another.txt', 'path' => 'files/container/shareddir/subdir/another.txt', - //'path' => '/subdir/another.txt', 'mimetype' => 'text/plain', 'usersPath' => 'files/Shared/subdir/another.txt' ), array( 'name' => 'not a text file.xml', 'path' => 'files/container/shareddir/subdir/not a text file.xml', - //'path' => '/subdir/not a text file.xml', 'mimetype' => 'application/xml', 'usersPath' => 'files/Shared/subdir/not a text file.xml' ), @@ -220,19 +215,35 @@ class Test_Files_Sharing_Cache extends Test_Files_Sharing_Base { } /** - * Checks that all provided attributes exist in the files list, - * only the values provided in $examples will be used to check against - * the file list. The files order also needs to be the same. + * Check if 'results' contains the expected 'examples' only. * * @param array $examples array of example files - * @param array $files array of files + * @param array $results array of files */ - private function verifyFiles($examples, $files) { - $this->assertEquals(count($examples), count($files)); - foreach ($files as $i => $file) { - foreach ($examples[$i] as $key => $value) { - $this->assertEquals($value, $file[$key]); + private function verifyFiles($examples, $results) { + $this->assertEquals(count($examples), count($results)); + + foreach ($examples as $example) { + foreach ($results as $key => $result) { + if ($result['name'] === $example['name']) { + $this->verifyKeys($example, $result); + unset($results[$key]); + break; + } } } + $this->assertTrue(empty($results)); } + + /** + * @brief verify if each value from the result matches the expected result + * @param array $example array with the expected results + * @param array $result array with the results + */ + private function verifyKeys($example, $result) { + foreach ($example as $key => $value) { + $this->assertEquals($value, $result[$key]); + } + } + } From d9e333c0da352eea6731f66e7c89f63edd837426 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Fri, 21 Feb 2014 11:18:23 +0100 Subject: [PATCH 17/22] use directory from original instead of current dir --- core/js/oc-dialogs.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/js/oc-dialogs.js b/core/js/oc-dialogs.js index f4e3ec01447..d1bcb4659b8 100644 --- a/core/js/oc-dialogs.js +++ b/core/js/oc-dialogs.js @@ -293,7 +293,7 @@ var OCdialogs = { conflict.find('.replacement .size').text(humanFileSize(replacement.size)); conflict.find('.replacement .mtime').text(formatDate(replacement.lastModifiedDate)); } - var path = getPathForPreview(original.name); + var path = original.directory + '/' +original.name; Files.lazyLoadPreview(path, original.mime, function(previewpath){ conflict.find('.original .icon').css('background-image','url('+previewpath+')'); }, 96, 96, original.etag); From 877cfb963ac67dc4a2eb7ea9f4923aa43894d38d Mon Sep 17 00:00:00 2001 From: Jan-Christoph Borchardt Date: Fri, 21 Feb 2014 14:07:25 +0100 Subject: [PATCH 18/22] use SVG icons from icons.css for New file menu --- apps/files/css/files.css | 24 +++++++++++++++++------- apps/files/templates/index.php | 17 +++++++++++------ core/css/icons.css | 6 ++++++ 3 files changed, 34 insertions(+), 13 deletions(-) diff --git a/apps/files/css/files.css b/apps/files/css/files.css index 3ad167054c2..2824d04d596 100644 --- a/apps/files/css/files.css +++ b/apps/files/css/files.css @@ -20,7 +20,7 @@ padding: 10px; font-weight: normal; } -#new>a { +#new > a { padding: 14px 10px; position: relative; top: 7px; @@ -30,7 +30,7 @@ border-bottom-right-radius: 0; border-bottom: none; } -#new>ul { +#new > ul { display: none; position: fixed; min-width: 112px; @@ -39,16 +39,26 @@ padding-bottom: 0; margin-top: 14px; margin-left: -1px; - text-align:left; + text-align: left; background: #f8f8f8; border: 1px solid #ddd; border-radius: 5px; border-top-left-radius: 0; - box-shadow:0 2px 7px rgba(170,170,170,.4); + box-shadow: 0 2px 7px rgba(170,170,170,.4); +} +#new > ul > li { + height: 36px; + margin: 5px; + padding-left: 48px; + padding-bottom: 2px; + background-position: initial; + cursor: pointer; +} +#new > ul > li > p { + cursor: pointer; + padding-top: 7px; + padding-bottom: 7px; } -#new>ul>li { height:36px; margin:5px; padding-left:48px; padding-bottom:2px; - background-repeat:no-repeat; cursor:pointer; } -#new>ul>li>p { cursor:pointer; padding-top: 7px; padding-bottom: 7px;} #new .error, #fileList .error { color: #e9322d; diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index 939043b2c9f..ed15e46a5ac 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -5,12 +5,17 @@
t('New'));?>
    -
  • .txt'>

    t('Text file'));?>

    • -
  • '>

    t('Folder'));?>

    • -

  • t('From link'));?>

    • +
  • +

    t('Text file'));?>

    +
    • +
  • +

    t('Folder'));?>

    +
    • +
  • +

    t('From link'));?>

    +
diff --git a/core/css/icons.css b/core/css/icons.css index 2dc35084122..814749c5af8 100644 --- a/core/css/icons.css +++ b/core/css/icons.css @@ -226,6 +226,12 @@ .icon-folder { background-image: url('../img/places/folder.svg'); } +.icon-filetype-text { + background-image: url('../img/filetypes/text.svg'); +} +.icon-filetype-folder { + background-image: url('../img/filetypes/folder.svg'); +} .icon-home { background-image: url('../img/places/home.svg'); From 6f56fd99a65253c638eaaefa064634d372e3c8bf Mon Sep 17 00:00:00 2001 From: Jan-Christoph Borchardt Date: Fri, 21 Feb 2014 14:10:13 +0100 Subject: [PATCH 19/22] fix too much distance between text and icon --- apps/files/css/files.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files/css/files.css b/apps/files/css/files.css index 2824d04d596..af863aca33e 100644 --- a/apps/files/css/files.css +++ b/apps/files/css/files.css @@ -49,7 +49,7 @@ #new > ul > li { height: 36px; margin: 5px; - padding-left: 48px; + padding-left: 42px; padding-bottom: 2px; background-position: initial; cursor: pointer; From c0a6af82193b6cc9e69fad23acef997f7240a1b3 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Fri, 21 Feb 2014 15:12:15 +0100 Subject: [PATCH 20/22] Updated submodule to include XML processing fixes --- 3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty b/3rdparty index c7b4cdbcc1f..478de4b756f 160000 --- a/3rdparty +++ b/3rdparty @@ -1 +1 @@ -Subproject commit c7b4cdbcc1faa56df2489a5753b457627f460c07 +Subproject commit 478de4b756f3729f762d838b29f69f2a40e5f4f8 From fe44ac264bd8f636c1189d6ad6430ac991038ae6 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Tue, 18 Feb 2014 16:26:37 +0100 Subject: [PATCH 21/22] Add overwritehost config on setup and upgrade --- config/config.sample.php | 3 +++ lib/private/request.php | 46 +++++++++++++++++++++++++++------------- lib/private/setup.php | 1 + lib/private/updater.php | 15 +++++++++++++ 4 files changed, 50 insertions(+), 15 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 0cd321d095d..ed37c60adf0 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -53,6 +53,9 @@ $CONFIG = array( /* The optional authentication for the proxy to use to connect to the internet. The format is: [username]:[password] */ "proxyuserpwd" => "", +/* List of trusted domains, to prevent host header poisoning ownCloud is only using these Host headers */ +'trusted_domains' => array('demo.owncloud.org'), + /* Theme to use for ownCloud */ "theme" => "", diff --git a/lib/private/request.php b/lib/private/request.php index 2c5b907846e..c3e28a9f08b 100755 --- a/lib/private/request.php +++ b/lib/private/request.php @@ -24,6 +24,16 @@ class OC_Request { or ($type !== 'protocol' and OC_Config::getValue('forcessl', false)); } + /** + * @brief Checks whether a domain is considered as trusted. This is used to prevent Host Header Poisoning. + * @param string $host + * @return bool + */ + public static function isTrustedDomain($domain) { + $trustedList = \OC_Config::getValue('trusted_domains', array('')); + return in_array($domain, $trustedList); + } + /** * @brief Returns the server host * @returns string the server host @@ -43,21 +53,27 @@ class OC_Request { $host = trim(array_pop(explode(",", $_SERVER['HTTP_X_FORWARDED_HOST']))); } else{ - $host=$_SERVER['HTTP_X_FORWARDED_HOST']; + $host = $_SERVER['HTTP_X_FORWARDED_HOST']; } - } - else{ + } else { if (isset($_SERVER['HTTP_HOST'])) { - return $_SERVER['HTTP_HOST']; + $host = $_SERVER['HTTP_HOST']; } if (isset($_SERVER['SERVER_NAME'])) { - return $_SERVER['SERVER_NAME']; + $host = $_SERVER['SERVER_NAME']; } - return 'localhost'; } - return $host; - } + // Verify that the host is a trusted domain if the trusted domains + // are defined + // If no trusted domain is provided the first trusted domain is returned + if(self::isTrustedDomain($host) || \OC_Config::getValue('trusted_domains', "") === "") { + return $host; + } else { + $trustedList = \OC_Config::getValue('trusted_domains', array('')); + return $trustedList[0]; + } + } /** * @brief Returns the server protocol @@ -71,14 +87,14 @@ class OC_Request { } if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']); - }else{ - if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) { - $proto = 'https'; - }else{ - $proto = 'http'; - } + // Verify that the protocol is always HTTP or HTTPS + // default to http if an invalid value is provided + return $proto === 'https' ? 'https' : 'http'; + } + if (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { + return 'https'; } - return $proto; + return 'http'; } /** diff --git a/lib/private/setup.php b/lib/private/setup.php index 5232398d1d7..f3ef4df200d 100644 --- a/lib/private/setup.php +++ b/lib/private/setup.php @@ -65,6 +65,7 @@ class OC_Setup { OC_Config::setValue('passwordsalt', $salt); //write the config file + OC_Config::setValue('trusted_domains', array(OC_Request::serverHost())); OC_Config::setValue('datadirectory', $datadir); OC_Config::setValue('dbtype', $dbtype); OC_Config::setValue('version', implode('.', OC_Util::getVersion())); diff --git a/lib/private/updater.php b/lib/private/updater.php index 764a0f14120..f05d5038b76 100644 --- a/lib/private/updater.php +++ b/lib/private/updater.php @@ -102,6 +102,20 @@ class Updater extends BasicEmitter { $this->log->debug('starting upgrade from ' . $installedVersion . ' to ' . $currentVersion, array('app' => 'core')); } $this->emit('\OC\Updater', 'maintenanceStart'); + + /* + * START CONFIG CHANGES FOR OLDER VERSIONS + */ + if (version_compare($currentVersion, '6.90.1', '<')) { + // Add the overwriteHost config if it is not existant + // This is added to prevent host header poisoning + \OC_Config::setValue('trusted_domains', \OC_Config::getValue('trusted_domains', array(\OC_Request::serverHost()))); + } + /* + * STOP CONFIG CHANGES FOR OLDER VERSIONS + */ + + try { \OC_DB::updateDbFromStructure(\OC::$SERVERROOT . '/db_structure.xml'); $this->emit('\OC\Updater', 'dbUpgrade'); @@ -162,3 +176,4 @@ class Updater extends BasicEmitter { $this->emit('\OC\Updater', 'filecacheDone'); } } + From e549977d0e2fd7afae5adb253038494247a27322 Mon Sep 17 00:00:00 2001 From: Morris Jobke Date: Fri, 21 Feb 2014 17:31:24 +0100 Subject: [PATCH 22/22] update 3rdparty submodule to current master --- 3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty b/3rdparty index f776a03d060..478de4b756f 160000 --- a/3rdparty +++ b/3rdparty @@ -1 +1 @@ -Subproject commit f776a03d06088cd64cdc94aa61834ba358ad36f5 +Subproject commit 478de4b756f3729f762d838b29f69f2a40e5f4f8