sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
71,287 Commits
612 Branches
1167 Tags
8.9 GiB
Commit Graph

173 Commits (e5e139f5a6f1512a854e44ffd3ba6df788b14d3d)

Author SHA1 Message Date
Valdnet 105169433e
Update core/js/setupchecks.js 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>

Co-authored-by: Simon L. <szaimen@e.mail.de>
 2022-02-04 10:17:08 +07:00
Valdnet e172eb09e0
l10n: Remove spaces 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2022-02-04 09:55:36 +07:00
szaimen 84cf39f582 show if the mail server settings are not set or verified 
Signed-off-by: szaimen <szaimen@e.mail.de>
 2022-02-03 20:16:35 +07:00
MichaIng 82c1beaacb Enhance and complement OPcache setup checks 
The current OPcache recommendations match the PHP defaults, but the values are much higher than required to run Nextcloud, even with a high number of installed apps. On the other hand, when other applications use the same OPcache instance, the recommended values might not be sufficient. Accurate recommendations need to take into account actual OPcache usage.

With this commit, recommendations are shown to raise the config value if more than 90% of max cache size or number of keys is used.

The checks whether the module is loaded and whether the OPcache is properly configured have been merged into a single function. This allowed to reduce the overhead of OPcache configuration checks when the module is not loaded.

A check has been added whether Nextcloud is permitted to use the OPcache API. Without this, inconsistencies during core or app upgrades may cause errors and OPcache usage cannot be determined for the new usage based checks.

OPcache usage based checks are skipped when Nextcloud is not permitted to use the API.

Signed-off-by: MichaIng <micha@dietpi.com>
 2021-12-19 23:38:21 +07:00
Vitor Mattos e55ceb2bb1
Show warning on admin settings page 
Signed-off-by: Vitor Mattos <vitor@php.rio>
 2021-10-23 00:54:50 +07:00
Christoph Wurst 4b8f8c5203
Deprecate PHP7.3 for Nextcloud 23 
* 7.3 reaches EOL shortly after the release of 23.0.0
* Nextcloud 24 will require PHP7.4

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-10-18 09:15:54 +07:00
Carl Schwan a01917510d
Merge pull request #28863 from nextcloud/Valdnet-patch-2 
l10n: Correct spelling
 2021-09-22 14:08:25 +07:00
Stefan 8758b36ebb Issue 16719: CheckSetupController.php now checks configured temporary directory for existence and if it's writable 
Signed-off-by: Stefan <Stefan.Schilling@EXXETA.com>
 2021-09-17 13:32:42 +07:00
Valdnet d0558a6188
l10n: Spelling unification 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2021-09-16 16:16:27 +07:00
Valdnet 4fa170b918
l10n: Correct spelling 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2021-09-16 15:57:53 +07:00
Guillaume Virlet ec38cf3b53 [Fix #26726] wrong warning when running HTTP instance 
Signed-off-by: Guillaume Virlet <github@virlet.org>
 2021-04-23 22:23:23 +07:00
Valdnet 2b6cda99d3
l10n: Correct text strings 2021-03-02 11:41:45 +07:00
Joas Schilling 96ae83c529
Remove HTML from setup check translations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-01 20:24:02 +07:00
Joas Schilling 9569df7405
Add target black and noref rules to doc links 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-01 19:42:34 +07:00
Christoph Wurst 8b64e92b92
Bump doctrine/dbal from 2.12.0 to 3.0.0 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-01-08 11:45:19 +07:00
Christoph Wurst f37e150d1c
Merge pull request #24702 from nextcloud/enhancement/well-known-handler-api 
Add well known handlers API
 2020-12-18 13:34:04 +07:00
Julius Härtl b9330887ca
Merge pull request #24740 from nextcloud/bugfix/24738/improve-phone-region-help 
Improve hints for default_phone_region
 2020-12-17 15:29:54 +07:00
Joas Schilling 15956c20c3
Improve hints for default_phone_region 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-12-17 09:14:21 +07:00
Christoph Wurst 6995223b1e
Add well known handlers API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 13:13:05 +07:00
Arthur Schiwon 1995097cb8
promoted bad memory_limit setting to error as it may break updater 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2020-12-15 23:50:26 +07:00
Joas Schilling 46b073d7ce
Add a config for default region of phone numbers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-12-07 14:19:38 +07:00
Joas Schilling d5df033ede
Create primary keys on all tables and add a command to create the afterwards 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-11-10 15:36:27 +07:00
John Molakvoæ 0e1c9af98d
Merge pull request #23869 from nextcloud/rakekniven-patch-1 2020-11-04 12:12:53 +07:00
rakekniven bb04df16c1
Update core/js/setupchecks.js 
Co-authored-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2020-11-03 21:27:52 +07:00
rakekniven 9d32ca1884
Update setupchecks.js 
Changed wording of setup check.
Reported at Transifex.

Signed-off-by: rakekniven <mark.ziegler@rakekniven.de>
 2020-11-03 15:55:18 +07:00
Morris Jobke 1c496a5a35
Add a background job that checks for potential user imported SSL certificates and shows a warning in the admin settings 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-11-03 10:06:33 +07:00
nhirokinet 830348dbee
Add SVG support check to setup check 
Signed-off-by: nhirokinet <nhirokinet@nhiroki.net>
 2020-11-02 11:29:08 +07:00
Daniel Kesselberg 9c8e8007f9
Remove setup check for php mail 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-10-03 21:58:55 +07:00
Morris Jobke f5efd18b07
Clarify PHP warning in admin settings 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-09-10 11:08:25 +07:00
Morris Jobke 603d7dab5e
Add setup check that links to the migration documentation 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-19 15:45:45 +07:00
Daniel Kesselberg c1831f1902
Change const/let to var for PhantomJS 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-08-07 17:34:03 +07:00
Daniel Kesselberg 89c6a2bc1f
Add setup checks for php default charset and output buffering. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-07-26 00:54:16 +07:00
Joas Schilling 720dc4e93d
Add optional column oc_comments.reference_id 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-03-31 10:51:15 +07:00
Roeland Jago Douma b0ea022a3e
Add basic reverseproxy misconfig detection to setupchecks 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-03-23 10:37:08 +07:00
Roeland Jago Douma c8a360cd7a
Merge pull request #19580 from nextcloud/debt/noid/outdated-check 
Update check for outdated php version.
 2020-03-10 20:10:54 +07:00
Daniel Kesselberg 6eb466776b
Don't show referrer policy warning if fallback policy set. 
Test-Set:

no-referrer-when-downgrade
no-referrer
strict-origin-when-cross-origin
same-origin
no-referrer, strict-origin-when-cross-origin
strict-origin-
unsafe-raw, same-origin
strict-origin-when-downgrade

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-02-26 23:51:02 +07:00
Daniel Kesselberg f228d73b38
Update check for outdated php version. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-02-24 20:14:13 +07:00
Daniel Kesselberg bfc956fc88
Set content type for propfind request 
Without the request is sent as application/x-www-form-urlencoded; charset=UTF-8 and might be blocked by some application firewalls because content and content type do not match.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-02-21 22:13:49 +07:00
Victor Goff 2663fc442c adviced should be advised 
Signed-off-by: Victor Goff <keeperotphones@gmail.com>
 2019-08-23 07:01:45 +07:00
Christoph Wurst 20afe94297 Do not show a internet connectivity warning if internet access is disabled 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-06-27 10:51:59 +07:00
Christoph Wurst 0f3e438f7c
Move OC.theme to the bundle and deprecate oc_defaults 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-14 11:14:29 +07:00
Morris Jobke c8f2198aa0
Remove recommendation for opcache on CLI 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-05-09 12:25:53 +07:00
Morris Jobke 25d700ef30
Fix unneeded doc link to unrelated resource 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-03-11 11:00:21 +07:00
Morris Jobke 060b637b70
Show a setup warning in case S3 object storage is used as primary storage 
* checks for at least 50 GB of free space

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-03-08 13:38:39 +07:00
Morris Jobke 6c7ccbecbf
Add setup check for missing UTF8MB4 on mysql 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-02-28 16:46:23 +07:00
Morris Jobke faef05730a
Add unit tests and provide better message 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-02-20 10:54:39 +07:00
Bjoern Schiessle 7c31c9a748
add setup check for ocm-provider route 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2019-02-20 10:38:16 +07:00
Morris Jobke 0aa30b76de
Merge pull request #13134 from nextcloud/bugfix/13088/404-instead-of-exception 
returns a 404 instead of exception if app is not installed - #13088
 2019-01-04 17:08:04 +07:00
Daniel Kesselberg 248e824f48
Remove check for outdated caches 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-01-02 10:46:14 +07:00
Julius Härtl a3be286273
Make setup check also pass with a 501 status 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-12-19 07:41:25 +07:00
Morris Jobke 17b2827bbf
Add setup check for pending bigint conversion 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-12-05 13:42:31 +07:00
Morris Jobke 5b22225351
Update casing of PHP inside method name 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-12-05 00:03:05 +07:00
Morris Jobke f5ad80fc57
Add setup check for recommended PHP modules (i.e. Imagick, intl) 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-12-05 00:03:05 +07:00
Morris Jobke f5894b653d
Add check for missing .woff2 rule in Nginx via setup check 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-11-29 17:01:43 +07:00
Morris Jobke df6e9109c8
Merge pull request #11396 from nextcloud/wellknown-webfinger 
adding .well-known/webfinger
 2018-10-24 14:51:15 +07:00
Daniel Peukert 2da4f96bd6 Remove arrow function 
Signed-off-by: Daniel Peukert <dan.peukert@gmail.com>
 2018-10-17 18:10:37 +07:00
Daniel Peukert b2dfcb5a18 Check if the X-XSS-Protection header contains the required fields 
Signed-off-by: Daniel Peukert <dan.peukert@gmail.com>
 2018-10-17 14:28:51 +07:00
Moritz Beck b68661ed6e
Allow "same-origin" as "Referrer-Policy" 
Fixes #11531

Although "same-origin" is more strict than e.g. strict-origin it showed up a warning in setupcheck
Based on https://scotthelme.co.uk/a-new-security-header-referrer-policy/

Signed-off-by: Moritz Beck <git@birkenstab.de>
 2018-10-11 13:17:26 +07:00
Daniel Calviño Sánchez d143b43a04 Make possible to set the expected status of the well known URL check 
The check is based on the HTTP status returned by the URL, and different
URLs may return different status (for example, DAV returns 207, while
a service like WebFinger would return 200), so the expected status needs
to be set depending on the URL.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2018-10-10 13:48:56 +07:00
Timo Förster 006e150c87 Change check if secure randomness is possible. 
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
 2018-08-24 23:12:02 +07:00
Michael Weimann 2bab916c53
Adds license to files. Updates the branch. 
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
 2018-08-20 20:46:23 +07:00
Michael Weimann c164409ee7
Adds a memory limit warning for console commands if the limit is below the recommended value 
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
 2018-08-20 15:24:10 +07:00
Michael Weimann c2fced4463
Adds a setup check for the memory limit 
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
 2018-08-20 15:24:10 +07:00
Michael Weimann b2e60e365d
Adds a setup check for app directory permissions. 
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
 2018-08-09 19:47:55 +07:00
Cthulhux f6f49c77f7
opcache module check 
Improved the speed of isOpcacheProperlySetup() (instant return instead of continuing when we're already failed), added a check for the opcache extension itself. Potentially fixes #9410

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-07-11 16:08:40 +07:00
Roeland Jago Douma 6a0c54d5bf
Add warning to setup checks if the default mailer is still php 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-07-04 08:28:33 +07:00
Morris Jobke 9c4aecb539
Merge all setup checks into one controller 
* renamed hasMissingIndexes to missingIndexes

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-06-13 15:25:08 +07:00
Morris Jobke cd87a40eb3
Merge pull request #9836 from nextcloud/feature/noid/merge-tips-and-tricks-into-setup-checks 
Merge tips & tricks section into setup checks
 2018-06-13 13:18:40 +07:00
Morris Jobke 4a0b7aaf6c
Merge tips & tricks section into setup checks 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-06-13 12:05:38 +07:00
Morris Jobke 624d191ef6
Fix wrong hint about missing indexes 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-06-13 11:56:43 +07:00
Morris Jobke 393d9aae74
Add a hint that some indexes are not added yet 
* gives the admin a chance to discover the missing indexes and improve the performance of the instance without digging through the manual
* nicely integrated in the setup checks where this kind of hints belong to
* also adds an option to integrate this from an app based on events
* fix style of setting warnings

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-06-06 16:55:01 +07:00
Roeland Jago Douma 4b70c9f89d
Add referrer policy setup check 
Fixes #9122

Based on https://www.w3.org/TR/referrer-policy/ and
https://scotthelme.co.uk/a-new-security-header-referrer-policy/

Setting a sane Referrer-Policy will tell the browser if/when to send
referrer headers when accessing a link from Nextcloud. When configured
properly this results in less tracking and less leaking of (possibly)
sensitive urls

* Fix tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-04 09:21:35 +07:00
Allan Nordhøy 13d8b7f190
Spelling: FreeType 2018-01-14 15:58:36 +07:00
Roeland Jago Douma 7618473a44 Add warning regarding freetype support 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-12-13 17:20:48 +07:00
Morris Jobke ace96a406a
Show hint that PHP 5.6 will not be supported in Nextcloud 14 anymore 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-12-08 10:02:41 +07:00
Allan Nordhøy 55cad46a21
No "to equal to" "We" or "Our", properly 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-27 08:50:37 +07:00
Lukas Reschke 6d1d2dde0b
Merge pull request #4856 from coderkun/issue-3808-xframe-deny 
Improve warning for X-Frame-Options header DENY (#3808)
 2017-11-14 14:30:14 +07:00
Markus Staab db34b59238 Prevent XSS in links which open a new browser window 2017-10-19 12:16:04 +07:00
rakekniven f2d999aa70 Update setupchecks.js 
Fixed typo and removed doclink symbol.
Reported at transifex

Update util.php

Another l10n improvement from transifex.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-05-31 13:41:45 +07:00
Morris Jobke 1fedf450ac Update Opcache recommendation 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-05-21 18:21:28 +07:00
coderkun b44c3dd198 Improve warning for X-Frame-Options header DENY (#3808) 
Signed-off-by: Oliver Hanraths <olli@coderkun.de>
 2017-05-14 13:16:36 +07:00
Joas Schilling 1c0bffe87f
Fix translations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 16:40:53 +07:00
Ko- 786ee72146 Add warning on admin screen when set_time_limit is unavailable 2017-03-16 11:48:28 +07:00
Morris Jobke cee8853658
Show info in admin settings about PHP opcache if disabled 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-02-22 23:45:48 +07:00
Morris Jobke a2867c0664
Properly check the data dir 
* fixes #1364

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2016-12-05 23:35:35 +07:00
Joas Schilling 0f06034239
Replace more vendor naming 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-11 08:54:21 +07:00
Arthur Schiwon 44f3fcc187
fix internal links in security & setup warnings, resolves #1048 2016-08-25 13:24:50 +07:00
Derek b236100619 Alters 'No Internet Connection' error message. #181 2016-07-20 19:12:10 +07:00
Vincent Petry 97f1813695
Don't reload page in case of auth errors during setup checks 
If an error occurs during setup checks, do not let the global ajax
error handler reload the page.
 2016-06-23 11:54:49 +07:00
Vincent Petry fb087a0261
Use temporary htaccesstest.txt for data dir security check 2016-06-07 18:36:13 +07:00
Morris Jobke e03d289b70
Use 6 months as SSL STS header threshold 
* this uses 6 months (6 * 30 * 24 * 60 * 60 = 15552000)
* old value was half a year (365 / 2 * 24 * 60 * 60 = 15768000)
* fixes #23957
 2016-04-13 08:47:34 +07:00
Lukas Reschke 6ad957906e Consistently use rel=noreferrer 
When linking to external entities we should consistently use rel=noreferrer
 2016-03-20 15:27:20 +07:00
Lukas Reschke 2ca3c0d461 Adjust wording a bit 
**Before:**
> Your PHP version (5.4.16) is no longer supported by PHP. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.

**After:**
> You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by the PHP Group as soon as your distribution supports it.

Fixes https://github.com/owncloud/enterprise/issues/1170
 2016-03-11 17:39:35 +07:00
Thomas Müller 8abdcb8085 Fix error ins source language strings 
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/core/50786279
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/settings-1/50555028
 2016-02-19 15:04:16 +07:00
Vincent Petry b8b77709c0 Add handler for global ajax errors 2016-02-15 12:48:47 +07:00
Lukas Reschke 5ba6148bfe Add check for content 
The response may be a redirect which is always followed by jQuery. Thus leading to false positives depending on the server configuration (e.g. when it issues a 302)

To prevent that there is also a check performed on the response content.
 2016-02-04 16:13:27 +07:00
Vincent Chan faf48e42b7 Move data protection check to javascript 
fixes #20199
 2016-02-01 18:57:58 +07:00
Thomas Müller b1ee51f255 Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening 
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
 2016-01-13 10:33:58 +07:00
Thomas Müller 2493cfede9 Merge pull request #21640 from owncloud/add-config-to-disable-wellknown-check 
Add config switch to disable the .well-known URL check
 2016-01-12 14:46:09 +07:00
Lukas Reschke 4d0dcd3c53 Add X-Download-Options and X-Permitted-Cross-Domain-Policies 
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
 2016-01-12 10:37:16 +07:00