0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-02-26 01:40:18 +00:00
Commit graph

1163 commits

Author SHA1 Message Date
Ferdinand Thiessen
a7346ef38c fix: Do not check for strict cookie when running webcron
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-11-15 12:26:22 +00:00
Ferdinand Thiessen
39d66ed5f6
fix(setup-checks): Ensure URL with webroot works
We basically mock the way `URLGenerator::getAbsoluteURL` works,
so we must make sure that the URL might already contain the webroot.
Because `baseURL` and `cliURL` also contain the webroot we need to remove
the webroot from the URL first.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Daniel <mail@danielkesselberg.de>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-10-11 13:09:20 +02:00
Maxence Lange
135b270807 fix(setup): ignore long session login during installation
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2024-08-27 19:12:02 +00:00
Christoph Wurst
0a0c07cec1 fix(session): Log when session_* calls are slow
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-08-07 10:44:58 +00:00
Côme Chilliet
2b1e7f3b29
fix: Fix default values for ini var in lib/base.php
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-30 10:53:53 +02:00
Côme Chilliet
f2c36a55fe
fix: Remove unused endpoint from base.php
It’s not called anymore, and app loading cannot break boot anymore

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-03-06 00:05:15 +01:00
MichaIng
7b137ddd75 feat(updater): hide overwrites from disabled apps list on upgrade
If an incompatible app is enabled manually, it is added to the "app_install_overwrite" array in config.php. Nextcloud upgrades won't disable any app in this array, but they were still shown on the upgrade page and logs as being disabled.

This commit assures that only apps which are really disabled, i.e. which are not in the "app_install_overwrite" array, are shown and logged as disabled during upgrades.

Signed-off-by: MichaIng <micha@dietpi.com>
2024-02-27 20:19:56 +01:00
Côme Chilliet
ccc66e912b
fix: Use DI for Setup class and move away from deprecated methods
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-29 15:28:00 +01:00
John Molakvoæ
3214324b72
fix(l10n): invalid translation of a number
fix https://github.com/nextcloud/server/issues/35252

Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2023-10-21 11:48:46 +02:00
Joas Schilling
7998afe8b3
Talk federation authentication
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-10-09 15:44:56 +02:00
Côme Chilliet
f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-09-25 10:37:12 +02:00
Arthur Schiwon
603a659a37
fix(autoloader): no apcu no side effects
apcu lead to side effects especially with app management and (soft)
inter-dependencies, and lead also to 500 server errors. While we could
add management to clear apcu cache in many cases (may stil leave edge
cases) the performance benefit is marginally as also class maps are
already cached in opcache. Hence, the simple and effective way to go is
to not use apcu for autoloading.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-09-08 16:55:39 +02:00
Alexander Piskun
01a11641f4 new name of AppEcosystem is AppAPI
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
2023-09-06 16:53:53 +03:00
Joas Schilling
25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-28 15:50:45 +02:00
Andrey Borysenko
f7b2dc8ccc
Merge branch 'master' into appecosystem-auth 2023-08-10 17:21:35 +03:00
Andrey Borysenko
d3583d3f30
Fix psalm ci (stub). Wrap server container with try-catch
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
2023-08-02 17:40:58 +03:00
Alexander Piskun
ca76ab98bd added Application Ecosystem V2 login handler
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
2023-08-01 14:50:59 +03:00
Joas Schilling
0c5d0c2127
fix: Migrate collaboration listener and remove legacy adapter
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-28 14:11:21 +02:00
Joas Schilling
2014e7b836
fix(apps): Fix loading info.xml file
Ref: https://bugs.php.net/bug.php?id=62577

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-20 10:40:09 +02:00
Simon L
918859cafd allow to specify upgrade.cli-upgrade-link in order to link to the correct documentation
Signed-off-by: Simon L <szaimen@e.mail.de>
2023-06-10 10:05:36 +02:00
Simon L
d293293cda Fixed bug which 'overwritewebroot' does not work with 'overwritecondaddr'.
Signed-off-by: Takahiro Nagai <78393959+takahiro-blab@users.noreply.github.com>
Signed-off-by: Simon L <szaimen@e.mail.de>
2023-05-16 11:39:39 +02:00
Simon L
84b88c01c7 adjust wording
Signed-off-by: Simon L <szaimen@e.mail.de>
2023-05-09 11:19:48 +02:00
Simon L
6e5a307757 adjust wording for update hint when files of a specific app are not there
Signed-off-by: Simon L <szaimen@e.mail.de>
2023-05-09 10:56:02 +02:00
Arthur Schiwon
bb4b34ff69 Read mtime of version.php only once
- in most cases it would read again in \OC_Util::loadVersion anyway
- remove some unused use statements

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-04-21 14:10:47 +00:00
Arthur Schiwon
7519949f37 add the server roots and version info hash to apcu prefix
fixes collissions when more than one instance is running on the same
system

For the memcaches we use a more complex prefix, where version and
instance ID are incorporated. We do not have this data at hand at this
point of time. But we can get the mtime of the version.php file
relatively cheap.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-04-21 14:10:46 +00:00
Côme Chilliet
b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
2023-04-20 16:52:38 +02:00
Christoph Wurst
a06898a2d0 fix(security)!: Use consistent HTTP status for strict cookie checks
Before: 503/412
Now: 412 + json body explaining the error

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-04-17 16:06:37 +00:00
Maxence Lange
fc29b0d1b7 app type extended_authentication
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2023-04-12 09:34:49 -01:00
Côme Chilliet
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +02:00
Julius Härtl
c3a39cbc75
Merge pull request from nextcloud/fix/security/log-failing-strict-cookie-check
fix(security): Log failing strict cookie check
2023-03-21 19:05:39 +01:00
Joas Schilling
705165d3d1
fix(session): Fix DAVx5 sync problems by partial reverting session changes
Temporary disabled the short cut again to solve issues with CalDAV/CardDAV
clients like DAVx5 that use cookies and need a session. See
https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147
and the other comments for further information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-03-20 16:30:42 +01:00
Christoph Wurst
0e6fccf9e1
fix(security): Log failing strict cookie check
The error is silent otherwise and makes it very hard to debug on a
production system.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-03-20 16:26:41 +01:00
Julius Härtl
bbc6eee803
fix: Avoid log spam on 404 routes not using GET
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2023-03-03 09:40:43 +01:00
Joas Schilling
98ed72b3ed
Revert "fix(performance): Do not set up filesystem on every call" 2023-02-21 07:36:43 +01:00
Anna Larch
5d4efb4d5f
Do not set up filesystem on every call
Also remove old Oc_FileChunking logis that produced GC- collectable chunks

Signed-off-by: Anna Larch <anna@nextcloud.com>
2023-02-17 19:18:37 +01:00
Julien Veyssier
6431c5a559
extend the reference API for the new link picker
- add 2 interfaces for discoverable and searchable reference providers
- new OCS route to get info on discoverable/searchable reference providers
- new abstract ADiscoverableReferenceProvider that only implements jsonSerialize
- listen to RenderReferenceEvent to inject provider list with initial state

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-01-27 11:10:55 +01:00
Julius Härtl
842f4d530f
fix(session): Always setup the session if a session cookie is passed
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-22 11:33:23 +01:00
Julius Härtl
6abb37317f
Do not setup a session when not required on WebDAV requests
If basic auth is used on WebDAV endpoints, we will not setup a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be resued for
authentication.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-21 21:17:16 +01:00
Côme Chilliet
a529aa79d8 Strong type singletons from lib/base.php
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:41 +00:00
Côme Chilliet
e1d324f7eb Migrate lib/base.php to LoggerInterface
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +00:00
Côme Chilliet
26d75add8f Put back cast to string now that timelimit is an int
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +00:00
Côme Chilliet
7372da6c6d Fixing more psalm errors from lib/base.php
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +00:00
Côme Chilliet
444811b0fe Use Server::get some more
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +00:00
Côme Chilliet
cf508c1e47 Use strict typing in base.php
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-19 09:10:40 +00:00
Julius Härtl
be4c061b75
Set apcu prefix for composer
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-07 22:32:06 +01:00
Christoph Wurst
052dcdebe8
Refactor the ErrorHandler into a dynamic class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-11-02 09:49:37 +01:00
Julius Härtl
11bedf1c3b
Use proper error pages instead of always redirecting
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-10-21 15:12:21 +02:00
Simon L
f97f13b136
Merge pull request from andyxheli/patch-4
Makes untrusted domain error on info
2022-10-01 18:06:44 +02:00
Arthur Schiwon
9b7ef2962e
remove listeners to OC_Filesystem::(write|rename) old style hooks
- the events are not emitted anymore
- OC_Filesystem::isBlacklisted() is not called from anywhere else

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-09-26 21:07:08 +02:00
Julius Härtl
80f6a5834a
Refactor cache handling
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-31 16:24:35 +02:00