sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
72,217 Commits
616 Branches
1167 Tags
8.9 GiB
Commit Graph

499 Commits (7620d230df8756a9c439c4acbd756fbeae9345f7)

Author SHA1 Message Date
Ferdinand Thiessen 7620d230df
fix(Request): Catch exceptions in `isTrustedProxy` 
The function fails if the configured trusted proxies contain invalid characters and the underlying IpUtils will throw.
But as it is used by `getRemoteAddress` which is used by logging / templating, thrown errors are not reported but silently fail with error 500.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-01-27 14:59:51 +07:00
Joas Schilling ce583cb67b
techdebt(Middleware): Add more specific array types so its clickable in IDEs 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-30 12:27:08 +07:00
Joas Schilling f6b6776c93
fix(API): Use a distinct exception so apps can react to it and customize the return 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-28 06:11:57 +07:00
Arthur Schiwon 3fa43a529b
enh(dispatcher): enforce psalm ranges in the http dispatcher 
- allows devs to provide int ranges for API arguments

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-11-24 12:46:38 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Joas Schilling 2fa78f6245
Reverse X-Forwarded-For list to read the correct proxy remote address 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-16 07:45:19 +07:00
Christoph Wurst 78842348b2
feat(dependencyinjection): Allow optional (nullable) services 
Allows working with classes that might or might not be available.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-03 11:53:43 +07:00
Joas Schilling 2b7f78fc2e
Merge pull request #40326 from nextcloud/enh/text-to-image-api 
Implement TextToImage OCP API
 2023-10-26 15:53:30 +07:00
Carl Schwan eb1d612d96
Add api to register setup checks 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2023-10-19 11:43:58 +07:00
Marcel Klehr c8cab9d2fd Implement TextToImage OCP API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +07:00
Joas Schilling 356c2219bc
Merge pull request #40865 from nextcloud/bugfix/noid/fix-version-comment 
Fix version number in ITimeFactory after it was delayed
 2023-10-16 08:01:09 +07:00
Joas Schilling a8ae09c544
fix(docs): Fix parameter types in docs 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-13 11:02:42 +07:00
Joas Schilling 0a4fbaddc7
Fix version number in ITimeFactory after it was delayed 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-11 12:14:41 +07:00
Alexander Piskun 0b8a3b578d fixed Drone test 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-06 13:46:37 +07:00
Alexander Piskun f16c9f42c6 added CORS skip if session was created by AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-02 11:08:21 +07:00
Hamid Dehnavi ea06cf2f39 Convert isset ternary to null coalescing operator 
Signed-off-by: Hamid Dehnavi <hamid.dev.pro@gmail.com>
 2023-09-28 17:44:19 +07:00
Côme Chilliet f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +07:00
Christoph Wurst e477bb7eaf
feat(appframework): Expose programmatic rate limiter 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-09-20 20:25:27 +07:00
Joas Schilling 25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +07:00
Joas Schilling 381c35080d
fix(middleware): Fix header injection for bruteforce middleware 
Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons
So shifting back to old standard practise for now

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-22 16:00:39 +07:00
Joas Schilling 2f06f2355d
feat: Add a header which signals that the request was throttled 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:36:04 +07:00
Robin Appelman ccf57e0715 add separate event for rendering login page template 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-08-17 10:57:56 +07:00
jld3103 12f8543815
Rewrite OCS CSRF check to be readable 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-08-16 15:52:36 +07:00
Joas Schilling 1b387bb341
fix!: Remove legacy event dispatching Symfony's GenericEvent from AdditionalScripts 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-27 09:57:52 +07:00
Marcel Klehr 7c80d66ee5
Merge pull request #38854 from nextcloud/enh/llm-api 2023-07-21 11:20:31 +07:00
Marcel Klehr ffe27ce14c Massive refactoring: Turn LanguageModel OCP API into TextProcessing API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-14 16:00:31 +07:00
Marcel Klehr 82d3b00ab1 LLM OCP API: Add to RegistrationContext 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Anna Larch 558e386e46 fix(CardDAV): catch right exception when checking for federated app classes 
Signed-off-by: Anna Larch <anna@nextcloud.com>
 2023-07-06 13:07:14 +07:00
jld3103 b0001c6010
Add template types to responses 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-06-30 09:33:29 +07:00
jld3103 7f4651637a
Allow stdClass in XML responses 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-06-13 11:44:47 +07:00
Robin Appelman 9f1d497a0b
Merge pull request #38261 from fsamapoor/replace_strpos_calls_in_lib_private 
Refactors "strpos" calls in  lib/private to improve code readability.
 2023-06-01 23:10:00 +07:00
Christoph Wurst e76d525a43
chore: Drop \OC_App::getAppInfo 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-06-01 11:31:27 +07:00
Joas Schilling 3a6bc7aba2
fix(middleware): Also abort the request when reaching max delay in afterController 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-15 16:20:19 +07:00
Faraz Samapoor e7cc7653b8 Refactors "strpos" calls in lib/private to improve code readability. 
Signed-off-by: Faraz Samapoor <fsamapoor@gmail.com>
 2023-05-15 15:17:19 +07:00
Joas Schilling ecb8b55c5c
feat(security): Add PHP \Attribute for remaining security annotations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-25 14:50:32 +07:00
Joas Schilling 89c3c31402
feat(ratelimit): Add Attributes support to rate limit middleware 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-24 12:24:48 +07:00
Côme Chilliet b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls 
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2023-04-20 16:52:38 +07:00
Joas Schilling fd473f89e8
Merge pull request #37674 from nextcloud/feature/speech-to-text 
feat(SpeechToText): Add SpeechToText OCP provider API
 2023-04-19 16:29:44 +07:00
Christoph Wurst a06898a2d0 fix(security)!: Use consistent HTTP status for strict cookie checks 
Before: 503/412
Now: 412 + json body explaining the error

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-04-17 16:06:37 +07:00
Marcel Klehr 317521b607 feat(SpeechToText): Add SpeechToText provider API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-04-11 14:59:57 +07:00
Côme Chilliet 426c0341ff
Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +07:00
Joas Schilling 2b49861679
Add a debug message when throttling without defining 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-08 12:09:22 +07:00
Joas Schilling e839eb9b5c
feat(middleware): Migrate BruteForceProtection annotation to PHP Attribute and allow multiple 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-08 12:09:22 +07:00
Joas Schilling c297f8ee96
feat(appframework): Make ITimeFactory extend \PSR\Clock\ClockInterface 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-03 15:37:13 +07:00
Julius Härtl 3e63298381
feat(translations): Add translation provider API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-27 16:52:03 +07:00
Julius Härtl 90d2cb09b1
Merge pull request #36396 from nextcloud/fix/cors 2023-02-17 09:42:08 +07:00
Ferdinand Thiessen f655f83c84 fix(CORS): CORS should only be bypassed on `PublicPage` if not logged in to prevent CSRF attack vectors 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-16 22:55:18 +07:00
Julius Härtl a705132c8d
Merge pull request #36656 from nextcloud/route-instrumentation 2023-02-14 10:12:19 +07:00
Julius Härtl 610a203d31
Merge pull request #36525 from nextcloud/fix/noid/params-put 
fix: Only get params from PUT content if possible
 2023-02-13 10:25:52 +07:00
Robin Appelman b68be79464 more routing performance instrumentation 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-10 11:12:26 +07:00