- Jul 21, 2016
-
-
Joas Schilling authored -
Lukas Reschke authored
This reverts commit deef15a3.
-
Lukas Reschke authored
-
- Jul 20, 2016
-
-
Lukas Reschke authored
-
-
-
Lukas Reschke authored
Since it is just faking the 10 we need to hardcode this here...
-
Lukas Reschke authored
-
Lukas Reschke authored
-
Lukas Reschke authored
Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)
-
Roeland Jago Douma authored
* OCSException * OCSBadRequestException * OCSForbiddenException * OCSNotFoundException
-
Lukas Reschke authored
Fixes https://github.com/nextcloud/server/issues/50
-
Klaas Freitag authored
-
Aaron Wood authored
* Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Use correct method in the AbstractMapping class * Change the getNamesBySearch method so that input can be properly escaped while still supporting matches * Don't escape hardcoded wildcard
-
Lukas Reschke authored
Sync from https://github.com/owncloud/core/pull/25488
-
- Jul 19, 2016
-
-
Joas Schilling authored
When the server is in maintenance mode, apps are not loaded. That means apps/theming/ is not in the allowed paths. So we need to check without autoloading, whether the class exists.
-
- Jul 18, 2016
-
-
Joas Schilling authored
-
Joas Schilling authored
-
Roeland Jago Douma authored
-
Roeland Jago Douma authored
-
Roeland Jago Douma authored
-
- Jul 15, 2016
-
-
Roeland Jago Douma authored
Fixes #215 The asset pipeline has shown to do more harm than good. Some apps fail hard with it. Also it makes sure that you download a huge file on each unvisited page.
-
Joas Schilling authored
-
- Jul 13, 2016
-
-
Robin Appelman authored
-
- Jul 12, 2016
-
-
Robin Appelman authored
-
Robin Appelman authored
-
Robin Appelman authored
-
- Jul 11, 2016
-
-
Bjoern Schiessle authored
-
- Jul 08, 2016
-
-
Bjoern Schiessle authored
always check the mtime of the system bundle and additionally the user specific certificate bundle if a user is given
-
Morris Jobke authored
* the setup check is still there
-
Morris Jobke authored
-
- Jul 07, 2016
-
-
Morris Jobke authored
This reverts commit 854352d9.
-
- Jul 06, 2016
-
-
Johannes Ernst authored
Stricter checking for valid domain names
-
Johannes Ernst authored
Added test cases
-
Vincent Petry authored
-
Thomas Pulzer authored
Added casting database port to int for input sanitation in pgsql and oci connections.
-
Thomas Pulzer authored
Extended the database setup to store the database port. Changed the PostgreSQL connection error message for clarification.
-
Johannes Ernst authored
Use === instead of == for extra paranoia.
-
- Jul 05, 2016
-
-
Johannes Ernst authored
Allow wildcard * to be used in trusted domains, to support setups where no reliable DNS entry is available (e.g. mDNS) or for simple-to-setup aliasing (e.g. *.example.com)
-
Thomas Müller authored
* Wait for socket to be open * Fix call on null * Allow DB access for MountProviderTest Makes unit tests pass when using object store, since their FS access is actually oc_filecache DB access. It is currently not possible to mock or bypass the logic from "SharedMount::verifyMountPoint()" triggered by this test.
-