nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Maxence Lange	9100b8757e	fix(setup): ignore long session login during installation Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	1 year ago
Christoph Wurst	2b38d6ae7e	fix(session): Log when session_* calls are slow Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	1 year ago
Julius Härtl	38bee2c014	perf: Set session.cache_limiter at runtime to avoid clients caching static assets served by PHP By default there is a Pragma: no-cache header set due to the default value `no-cache` of session.cache-limiter, which will cause Chrome and iOS to not cache even with a different Cache-Control header set on the response. Signed-off-by: Julius Härtl <jus@bitgrid.net>	1 year ago
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2 years ago
Joas Schilling	7c6934dea9	fix(typo): Fix typo in docs Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Christoph Wurst	14719110b9	chore: Replace \OC::$server->query with \OCP\Server::get in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Christoph Wurst	872c181c74	chore: Drop dead private methods in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Claus-Justus Heine	45ec432492	Don't call session_start() when PHP session is still or already open. Signed-off-by: Claus-Justus Heine <himself@claus-justus-heine.de>	3 years ago
Julius Härtl	9e1d431255	Add config option to disable strict session timeout to be able to use read_and_close Fixed https://github.com/nextcloud/server/issues/29356 Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Julius Härtl	9b4b72826a	Reopen sessions if we need to write to them instead of keeping them open Sessions are a locking operation until we write close them, so close them early and reopen later in case we want to write to them Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
luz paz	368f83095d	Fix typos in lib/private subdirectory Found via `codespell -q 3 -S l10n -L jus ./lib/private` Signed-off-by: luz paz <luzpaz@github.com>	3 years ago
Julius Härtl	c1ea6a899c	Only trap E_ERROR in session handling Signed-off-by: Julius Härtl <jus@bitgrid.net>	4 years ago
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	5 years ago
Christoph Wurst	7e2c3a820e	Remove the cookie paths for php<7.3 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Roeland Jago Douma	8daaf33e3d	Silence duplicate session warnings Fixes #20490 Basically restroring the old behavior. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	2016e57eab	Only send samesite cookies This makes the last remaining two cookies lax. The session cookie itself. And the session password as well (on php 7.3 that is). Samesite cookies are the best cookies! Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
MartB	fe21b10de5	replace setcookie value with '' instead of null. The php documentation states that an empty string should be used for a cookie when it has no real value. null leads to the following error: expects parameter 2 to be string, null given Signed-off-by: Martin Böh <mart.b@outlook.de>	7 years ago
Roeland Jago Douma	8c47a632e0	Allow updating the token on session regeneration Sometimes when we force a session regeneration we want to update the current token for this session. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	8cb6bb3987	Make ISession strict * Make all implementations strict * Add scalar types Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Arthur Schiwon	d1a8269de3	Forward port of #5190 to master Treat PHP Errors on User session regenerate Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> remove unnecessary lines… Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> change PHP errors to ErrorException in the session (PHP >=7) Otherwise it might be that authentication apps are being disabled on during operation while in fact the session handler has hiccup. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	9 years ago
Victor Dubiniuk	131df248ef	Catch session already closed exception in destructor	9 years ago
Joas Schilling	0215b004da	Update with robin	10 years ago
Joas Schilling	ba87db3fcc	Fix others	10 years ago
Lukas Reschke	aba539703c	Update license headers	10 years ago
Christoph Wurst	e93bf80b29	throw SessionNotAvailableException if session_id returns empty string	10 years ago
Christoph Wurst	0d53e86421	add ISession::getId() wrapper for session_id	10 years ago
Roeland Jago Douma	e2c36c2903	Move \OC\Session to PSR-4	10 years ago
Thomas Müller	682821c71e	Happy new year!	10 years ago
Lukas Reschke	fec41e7539	Move regeneration of session ID into session classes There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.	10 years ago
Lukas Reschke	5588c5f262	Delete cookie instead of emptying value PHP will handle session cookies with an empty values as an E_WARNING error. ([php/#68063](https://bugs.php.net/bug.php?id=68063)) ownCloud sets the cookie to an empty value in case the session expires, it however after this starts a new session. Due to potential race conditions this can in unlikely cases lead to the fact that the session never gets restarted and the user is left with an empty cookie. PHP tries then to use the empty cookie which makes the instance not usable. To work around any race condition we now tell PHP to explicitly delete the value which can be done by using `null` as value, PHP will then send a cookie with the value "deleted". Also theepiration has been set to -1.	10 years ago
Morris Jobke	b945d71384	update licence headers via script	10 years ago
Phil Davis	7940a3fb65	Session closed exception wording and a small comment typo	10 years ago
Lukas Reschke	0b91087489	Write to session in batch at the end of the request	10 years ago
Jenkins for ownCloud	b585d87d9d	Update license headers	11 years ago
Thomas Müller	843fef0490	Handle session initialization errors and display error page - fixes #15053	11 years ago
Morris Jobke	06aef4e8b1	Revert "Updating license headers" This reverts commit `6a1a4880f0`.	11 years ago
Jenkins for ownCloud	6a1a4880f0	Updating license headers	11 years ago
cetra3	6b24aa5224	Refactor internal session to write directly to $_SESSION	11 years ago
Thomas Müller	effea790c7	redefine reopen() in class \OC\Session\Internal to avoid accidental calls in productive code	12 years ago
Thomas Müller	a074adb2af	fix close() implementation in \OC\Session\Internal	12 years ago
Thomas Müller	73a1ece753	adding an explicit close method to class session - write operations (set and remove) being called after close() will throw an exception	12 years ago
Robin Appelman	5c7a08aab4	check if a $_SESSION entry exists before we try to remove it	12 years ago
Robin Appelman	a36bf5c2b5	preserve 3rd party values in in the Session destructor	12 years ago
Thomas Müller	9c9dc276b7	move the private namespace OC into lib/private - OCP will stay in lib/public Conflicts: lib/private/vcategories.php	12 years ago
Robin Appelman	f547b66d6b	check fix if session start is successfull	13 years ago

32 Commits (addParameterTypingVersionsMapper)