Skip to content
Snippets Groups Projects
Select Git revision
  • tedomum-prod default
1 result
Compare
user avatar
Don't trust update server
Lukas Reschke authored 
In case the update server may deliver malicious content this would allow an adversary to inject arbitrary HTML into the response. So very bad stuff.

While signing the response would be better and something we can also do in the future (considering the code signing work), this is already a good first start.
f3e91068
History
user avatar f3e91068
History
Name Last commit Last update
.idea
apps
build
config
core
l10n
lib
ocs-provider
ocs
resources/config
settings
tests
themes
3rdparty @ 685012c7
.bowerrc
.gitignore
.gitmodules
.htaccess
.jshintrc
.mailmap
.scrutinizer.yml
.tag
.travis.yml
.user.ini
AUTHORS
CONTRIBUTING.md
COPYING-AGPL
COPYING-README
README.md
autotest-external.sh
autotest-hhvm.sh
autotest-js.sh
autotest.cmd
autotest.sh
bower.json
buildjsdocs.sh
console.php
cron.php
db_structure.xml
index.html
index.php
issue_template.md
occ
public.php
remote.php
robots.txt
status.php
version.php
README.md

ownCloud

ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.

Build Status on Jenkins CI

Git master: Build Status

Quality:

  • Scrutinizer: Scrutinizer Quality Score
  • CodeClimate: Code Climate
  • Coverity: Coverity

Dependencies:

Dependency Status

Dependency Status

Installation instructions

https://doc.owncloud.org/server/9.0/developer_manual/app/index.html

Contribution Guidelines

https://owncloud.org/contribute/

Get in touch

Important notice on translations

Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/

Transifex

For more detailed information about translations: http://doc.owncloud.org/server/9.0/developer_manual/core/translation.html