sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
82,672 Commits
620 Branches
1167 Tags
9.0 GiB
Commit Graph

29 Commits (e2ea6d46802255cd1dcdedf0c0d5aeabdcaf283d)

Author SHA1 Message Date
Ferdinand Thiessen 5981b7eb51
chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +07:00
Arthur Schiwon fdd24090ff
fix(Middleware): log deprecation when annotation was actually used 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-11-12 22:15:08 +07:00
provokateurin 9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +07:00
Daniel Kesselberg af6de04e9e
style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +07:00
provokateurin e5dcdfb9e0
feat(Security): Warn about using annotations instead of attributes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-18 11:25:32 +07:00
Andy Scherzinger dae7c159f7
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-24 13:11:22 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Alexander Piskun 0b8a3b578d fixed Drone test 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-06 13:46:37 +07:00
Alexander Piskun f16c9f42c6 added CORS skip if session was created by AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-02 11:08:21 +07:00
Joas Schilling 25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +07:00
Joas Schilling ecb8b55c5c
feat(security): Add PHP \Attribute for remaining security annotations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-25 14:50:32 +07:00
Ferdinand Thiessen f655f83c84 fix(CORS): CORS should only be bypassed on `PublicPage` if not logged in to prevent CSRF attack vectors 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-16 22:55:18 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Jonas Rittershofer c8b7a233a5 Allow CSRF on CORS routes 
Co-authored-by: Julius Härtl <jus@bitgrid.net>
Co-authored-by: Andreas Brinner <andreas@everlanes.net>
Signed-off-by: Jonas Rittershofer <jotoeri@users.noreply.github.com>
 2022-09-21 10:42:00 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +07:00
korelstar b38e8678e4 fix error when using CORS with no auth credentials 2021-05-18 07:11:10 +07:00
Christoph Wurst d9015a8c94
Format code to a single space around binary operators 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-05 20:25:24 +07:00
Christoph Wurst caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +07:00
Christoph Wurst afbd9c4e6e
Unify function spacing to PSR2 recommendation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 13:54:22 +07:00
Christoph Wurst 5bf3d1bb38
Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-12-05 15:38:45 +07:00
Lukas Reschke f93a82b8b0
Remove explicit type hints for Controller 
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-01 17:32:03 +07:00
Roeland Jago Douma 3548603a88
Fix middleware implementations signatures 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-07-31 16:54:19 +07:00
Joas Schilling ba87db3fcc
Fix others 2016-07-21 18:13:57 +07:00
Lukas Reschke ba4f12baa0
Implement brute force protection 
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
 2016-07-20 22:08:56 +07:00
Christoph Wurst 82b50d126c
add PasswordLoginForbiddenException 2016-06-17 11:02:07 +07:00
Christoph Wurst 331d88bcab
create session token on all APIs 2016-06-13 15:38:34 +07:00
Christoph Wurst 9997c431c3
use client login method on CORS routes 2016-06-08 15:18:53 +07:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +07:00
Roeland Jago Douma 1d33a5ef13
Move \OC\AppFramework to PSR-4 
* Also moved the autoloader setup a bit up since we need it in initpaths
 2016-04-22 15:28:09 +07:00