nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Ferdinand Thiessen	5b96cca038	chore(Http\Client): fix linting issues Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-07-09 14:42:58 +07:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +07:00
Daniel Kesselberg	3d0fb7e603	docs(http): Update return type for getBody Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-06-30 11:50:10 +07:00
georglauterbach	4d517a33ba	fix: remove superflous line Signed-off-by: georglauterbach <44545919+georglauterbach@users.noreply.github.com>	2024-11-09 11:56:19 +07:00
georglauterbach	387cd8b771	fix: do not query CNAME if A succeeded already Signed-off-by: georglauterbach <44545919+georglauterbach@users.noreply.github.com>	2024-11-06 20:21:38 +07:00
Thomas Citharel	dcd27fd986	feat(http-client): expose default request timeout constant to be used instead of magic number 30 Will be used to set default where we are able to override the default timeout. See https://github.com/nextcloud/server/pull/48418 Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2024-10-11 10:57:02 +07:00
Daniel Kesselberg	6be00432b7	chore: always execute parse_url in preventLocalAddress This change should make it easier to spot wrong uses of the HTTP client on development setups where allow_local_remote_servers is usually true. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-10-01 18:00:47 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +07:00
Benjamin Gaussorgues	7e4be1fcfd	fix(dns): detect disabled IPv6 support in DNS pinning Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-03-26 12:04:51 +07:00
John Molakvoæ	836c882b8c	Merge pull request #43446 from jithin-space/add-patch-request-to-http-client-interface	2024-03-16 13:21:13 +07:00
Côme Chilliet	82fbab4632	fix: Swap method and uri parameter in request to match upstream order Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-03-07 14:06:08 +07:00
Ferdinand Thiessen	01d5af66be	feat(IClient): Add `request` function to do arbitrary HTTP requests Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-03-07 14:06:08 +07:00
Joas Schilling	ecb111cec7	fix(federation): Allow cloud federation providers to handle unsuccessful return codes Otherwise they are put to retry and will immediately trigger bruteforce protection infinitely Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-02-28 10:20:55 +07:00
Robin Kluth	414f8f1f2d	Include `hostName:$port` for Host access violation message as well Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>	2024-02-24 11:34:34 +07:00
Robin Kluth	25c0021137	Log Host/IP in `LocalServerException` for `Host violates local access rules` Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>	2024-02-24 11:34:34 +07:00
Robin Kluth	d70cd5add2	Log Host/IP in `LocalServerException` for `Host violates local access rules` Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>	2024-02-24 11:34:34 +07:00
jithin-space	7c11414c9b	added patch method Signed-off-by: jithin-space <jithin.thankachan@gpsrenewables.com>	2024-02-08 15:54:20 +07:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +07:00
Daniel Kesselberg	f8f985602b	test: add tests for dns pin middleware Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-09-12 14:04:23 +07:00
Daniel Kesselberg	03f1f1ed2e	enh: skip processing for empty response Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-09-04 15:28:02 +07:00
Daniel Kesselberg	eab46bdfe6	feat: add switch to disable dns pinning Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-08-29 18:03:54 +07:00
Joas Schilling	ec6728d710	feat(HTTPClient): Provide wrapped access to Guzzle's asyncRequest() Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-06-27 15:53:57 +07:00
Robin Appelman	e7ab30f5d8	log performance events for http requests Signed-off-by: Robin Appelman <robin@icewind.nl>	2023-04-28 15:37:57 +07:00
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 12:50:08 +07:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +07:00
Christoph Wurst	ce259435c2	Fix DNS Pin Middleware throwing for public IPs Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-11-08 14:18:05 +07:00
Christoph Wurst	8aea25b5b9	Add remote host validation API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-10-31 16:13:28 +07:00
Christoph Wurst	d4b9b010b0	Rename LocalAddressChecker methods to lower case Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-10-27 13:24:28 +07:00
Simon L	11108e8032	Revert "fix external storages access" Signed-off-by: szaimen <szaimen@e.mail.de>	2022-10-23 22:36:34 +07:00
John Molakvoæ	304c1b9b61	Merge pull request #33087 from nextcloud/fix/30282/external-storages fix external storages access	2022-10-23 10:42:46 +07:00
Côme Chilliet	31117fa7c7	Fix tests for nested v4 in v6 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-09-20 12:46:22 +07:00
Côme Chilliet	7ac688a2e5	Use new dependency to normalize IPs Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-09-20 12:34:04 +07:00
Côme Chilliet	a907b74c2a	Add missing urldecode and idn_to_utf8 calls to local address checker The call to idn_to_utf8 call is actually to apply normalization Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-09-20 12:20:35 +07:00
luz paz	368f83095d	Fix typos in lib/private subdirectory Found via `codespell -q 3 -S l10n -L jus ./lib/private` Signed-off-by: luz paz <luzpaz@github.com>	2022-07-27 08:52:17 +07:00
Côme Chilliet	c5ffd7ce32	Use Symfony IpUtils to check for local IP ranges Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-07-12 12:09:05 +07:00
Côme Chilliet	707b46bb01	Check for local IPs nested in IPv6 as well Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-07-12 09:49:27 +07:00
Côme Chilliet	d0830432a7	Refactor local IP if and set strict to true for in_array Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-07-12 09:49:27 +07:00
Côme Chilliet	bd9aff47b6	Improve local IP detection Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-07-12 09:49:27 +07:00
szaimen	2ad53742f2	fix external storages access Signed-off-by: szaimen <szaimen@e.mail.de>	2022-07-01 22:52:10 +07:00
Côme Chilliet	d23c7d245c	Improve local domain detection Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-23 11:45:16 +07:00
Côme Chilliet	6be7aa112f	Migrate from ILogger to LoggerInterface in lib/private Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-03-24 16:21:25 +07:00
Vincent Petry	9b6a1cc8ae	Send images to imaginary docker to generate previews Signed-off-by: Carl Schwan <carl@carlschwan.eu> Co-Authored-by: Vincent Petry <vincent@nextcloud.com>	2022-03-17 08:24:07 +07:00
Lukas Reschke	84d9b17dc7	Check for !== false instead Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-07-12 15:06:30 +07:00
Lukas Reschke	b0cef8827d	Check if dns_get_record returns non-false `dns_get_record` can return false which results in exceptions such as the ones shown in https://github.com/nextcloud/server/issues/27870. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-07-12 13:15:20 +07:00
Sanpi	81c272a8a5	Fixes recursion count incrementation Signed-off-by: Sanpi <sanpi@homecomputing.fr>	2021-07-07 12:00:00 +07:00
kesselb	9f04a7c71e	Merge pull request #27801 from nextcloud/enh/noid/hardening-dns-pin-middleware Ignore subdomain for soa queries	2021-07-06 18:55:25 +07:00
Daniel Kesselberg	b6530e5e82	Ignore subdomain for soa queries Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2021-07-05 20:29:06 +07:00
Aaron Ball	484913dc31	Fix DnsPinMiddleware resolve pinning bug Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an array of strings, those strings containing a comma delimited list of resolved IPs for each host:port combination. The original code here does create that array with the host:port:ip combination, but multiple ips for a single host:port result in additional array entries, rather than adding them to the end of the string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array entries should match the syntax `host:port:address[,address]`. This creates a function-scoped associative array which uses `host:port` as the key (which are supposed to be unique and this ensures that), and the value is an array containing IP strings (ipv4 or ipv6). Once the associative array is populated, it is then set to the CURLOPT_RESOLVE array, imploding the ip arrays using a comma delimiter so the array syntax matches the expected by libcurl. Note that this reorders the "foreach ip" and "foreach port" loops. Rather than looping over ips then ports, we now loop over ports then ips, since ports are part of the unique host:port map, and multiple ips can exist therein. Signed-off-by: Aaron Ball <nullspoon@oper.io>	2021-07-02 16:08:44 +07:00

1 2

91 Commits (jtr/fix-public-exceptions-http-codes)