842f4d530f
fix(session): Always setup the session if a session cookie is passed
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-22 11:33:23 +07:00
6abb37317f
Do not setup a session when not required on WebDAV requests
...
If basic auth is used on WebDAV endpoints, we will not setup a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be resued for
authentication.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-21 21:17:16 +07:00
a529aa79d8
Strong type singletons from lib/base.php
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:41 +07:00
e1d324f7eb
Migrate lib/base.php to LoggerInterface
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +07:00
26d75add8f
Put back cast to string now that timelimit is an int
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +07:00
7372da6c6d
Fixing more psalm errors from lib/base.php
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +07:00
444811b0fe
Use Server::get some more
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +07:00
cf508c1e47
Use strict typing in base.php
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +07:00
be4c061b75
Set apcu prefix for composer
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-07 22:32:06 +07:00
052dcdebe8
Refactor the ErrorHandler into a dynamic class
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-11-02 09:49:37 +07:00
11bedf1c3b
Use proper error pages instead of always redirecting
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-10-21 15:12:21 +07:00
f97f13b136
Merge pull request #33737 from andyxheli/patch-4
...
Makes untrusted domain error on info
2022-10-01 18:06:44 +07:00
9b7ef2962e
remove listeners to OC_Filesystem::(write|rename) old style hooks
...
- the events are not emitted anymore
- OC_Filesystem::isBlacklisted() is not called from anywhere else
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-09-26 21:07:08 +07:00
80f6a5834a
Refactor cache handling
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-31 16:24:35 +07:00
12c8123873
Makes untrusted domain error on info
...
Signed-off-by: Andy Xheli <axheli@axtsolutions.com>
Since e6d9ef2e38e6d9ef2e38https://github.com/nextcloud/server/issues/32599
This should fix.
https://github.com/nextcloud/server/issues/32599#event-7281164903
Signed-off-by: Andy Xheli <axheli@axtsolutions.com>
2022-08-29 13:27:12 +07:00
1b43fbe06c
Move setting of gc_maxlifetime to initSession
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-17 12:10:27 +07:00
9e1d431255
Add config option to disable strict session timeout to be able to use read_and_close
...
Fixed https://github.com/nextcloud/server/issues/29356
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-17 12:10:27 +07:00
9b4b72826a
Reopen sessions if we need to write to them instead of keeping them open
...
Sessions are a locking operation until we write close them, so close
them early and reopen later in case we want to write to them
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-17 12:10:26 +07:00
d17e0699f3
Merge pull request #33173 from nextcloud/enhancement/maintenance-mode-http-header
...
Set special header for 503 maintenance mode
2022-08-10 09:16:02 +07:00
0ed987a8dd
Set special header for 503 maintenance mode
...
This removes ambiguity with a 503 returned by app code, web server or
similar. Front-end and clients can then handle this state accordingly.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-08-08 14:26:11 +07:00
a1149b0378
Do not redirect if requested CSS can not be found
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-08-08 14:09:58 +07:00
222a9523b5
Fix 404 handling of requested JSON/XML
...
If front-end or an application requests JSON/XML, there is no point in
redirecting to the default page if that response doesn't exist. In the
worst case that would just cause another request, therefore server load,
traffic and a response that is meaningless to the requester.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-07-08 19:14:05 +07:00
8e59d49701
Merge pull request #32435 from nextcloud/revert-32278-remove-default-php
...
Revert "Remove call to already default php.ini values"
2022-06-03 14:16:24 +07:00
e4378fd18c
Merge pull request #32349 from nextcloud/enh/projects-event
...
Add event to load additional scripts for projects
2022-05-27 18:36:40 +07:00
83f831c263
Merge pull request #32427 from nextcloud/boot-event-ordering
...
reorder startup events to fix overlapping
2022-05-17 11:55:00 +07:00
8ed92ad4f7
Merge pull request #32216 from SUNET/master
...
Respect user settings in php.ini if they are big enough
2022-05-17 10:14:56 +07:00
a6ca9d592d
Revert "Remove call to already default php.ini values"
2022-05-16 15:54:18 +07:00
a67bf03ac0
reorder startup events to fix overlapping
...
current the `request` and `runtime` events overlap with the `init` event which makes it hard to create usefull visualizations.
this reorders things a bit to remove an overlap
Signed-off-by: Robin Appelman <robin@icewind.nl>
2022-05-16 13:26:38 +07:00
0ace1831f4
Fix suggestions by @artonage
...
Signed-off-by: Micke Nordin <kano@sunet.se>
2022-05-16 10:15:45 +07:00
d3acf8203d
Properly import maintenance script
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-05-16 09:28:15 +07:00
9a6869943e
Introduce event for loading additional script on projects
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-05-12 10:50:13 +07:00
f110ff9f4d
Remove default values
...
These values are already the default on supported PHP versions.
I suggest to remove these calls.
2022-05-05 13:46:09 +07:00
30fe91a77f
Simpler version as proposed by @artonage
...
Co-authored-by: Louis <6653109+artonge@users.noreply.github.com>
Signed-off-by: Micke Nordin <kano@sunet.se>
2022-04-30 16:41:35 +07:00
259664468a
Respect user settings in php.ini if they are big enough
...
In the admin guide:
* https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html
it is mentioned that you can tweek:
* max_input_time
* max_execution_time
in order to enable larger file uploads. However, the current codebase
will hard code these values to one hour, no matter what the user sets in
php.ini.
This patch will allow the user to set these settings in php.ini and they
will be respected, if and only if, they are set to something bigger than
3600 seconds.
Signed-off-by: Micke Nordin <kano@sunet.se>
2022-04-29 14:50:57 +07:00
7d272c54d0
Add a built-in profiler inside Nextcloud
...
The webui is provided by a seperate application named profiler
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-04-04 10:28:26 +07:00
0acd4b5f82
Merge pull request #31235 from nextcloud/techdebt/noid/extract-request-id
...
Extract request id handling to dedicated class so it can be injected without DB dependency
2022-03-22 12:08:45 +07:00
2ff0c972c9
Merge pull request #31124 from nextcloud/enh/diagnostics-logging
...
Diagnostics event logging to log
2022-03-02 12:00:44 +07:00
eede608c0e
Add event logging to app loading
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-02-28 11:24:41 +07:00
63d7e7c798
Build OC\Core\Application when running occ or cron to register listeners correctly
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-02-28 10:31:52 +07:00
07a9f34385
Extract request id handling to dedicated class so it can be injected manually
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-02-23 11:01:58 +07:00
e6d9ef2e38
Makes untrusted domain error a warning.
...
It sends a 400 to the client, so I could even argue that it should be an error.
But currently as an admin, I'm quiet surprised that I get a 400 in the UI, and nothing in the log with the default level.
I saw this commit that explains the reason why info. But I disagree.
Feel free to close the PR if you don't agree with it.
Signed-off-by: Pierre Ozoux <pierre@ozoux.net>
2022-01-25 10:33:31 +07:00
b46ff973e0
Use less deprecated methods in base.php
...
Signed-off-by: Louis Chemineau <louis@chmn.me>
2022-01-19 11:07:12 +07:00
c8bfd8a559
Load core before the update script
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-01-18 14:55:13 +07:00
b664aad7ab
Move bundles to /dist
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2022-01-08 10:11:58 +07:00
03889d1297
l10n: Separate words
...
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
2021-12-15 17:27:26 +07:00
03936d7762
Fix basic auth for OAuth token endpoint
...
Don't try to login when a client is trying to get a OAuth token.
OAuth needs to support basic auth too, so the login is not valid
inside Nextcloud and the Login exception would ruin it.
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-10-19 13:03:23 +07:00
4d7430949a
Remove usage of \OC_Util::getDefaultPageUrl() and \OC_Util::redirectToDefaultPage()
...
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2021-08-04 19:02:57 +07:00
b78f3a57d1
Migrate HintException to OCP
...
Signed-off-by: Gary Kim <gary@garykim.dev>
2021-06-30 15:28:02 +07:00
638c04d6e0
accounts event handler to use eventdispatcher, DI and Accounts API
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-06-30 00:41:11 +07:00
cebfe4ba0e
Merge pull request #27190 from nextcloud/bugfix/noid/deduplicate-translation
...
Deduplicate translations and fix double .
2021-06-16 16:50:19 +07:00
Julius Härtl
Côme Chilliet
Christoph Wurst
Simon L
Arthur Schiwon
Andy Xheli
Christoph Wurst
Joas Schilling
Carl Schwan
Robin Appelman
Louis
Micke Nordin
Git'Fellow
Mikael Nordin
Joas Schilling
Pierre Ozoux
Louis Chemineau
John Molakvoæ (skjnldsv)
Valdnet
Daniel Rudolf
Gary Kim