nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Benjamin Gaussorgues	c57c4843e8	feat(openmetrics): introduce OpenMetrics exporter Expose a `/metrics` endpoint with some basic metrics Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	3 days ago
Robin Appelman	26ae51c4b3	feat: add header with user id in response Signed-off-by: Robin Appelman <robin@icewind.nl>	4 months ago
Ferdinand Thiessen	ba00416040	refactor(Streamer): inject `IDateTimeZone` as constructor arg Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	5 months ago
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	6 months ago
skjnldsv	bf3ce79abd	feat(files_sharing): show Account menu on public pages Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	7 months ago
Daniel Kesselberg	be587def0e	fix: use correct format for expires, last-modified, and if-modified-since headers Before: Sat, 10 May 2025 18:17:41 +0000 After: Sat, 10 May 2025 18:17:41 GMT RFC: https://httpwg.org/specs/rfc9110.html#http.date Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 months ago
provokateurin	c3aa5316be	feat(RequestHeader): Add indirect parameter Signed-off-by: provokateurin <kate@provokateurin.de>	7 months ago
provokateurin	727b0c853c	refactor(RequestHeader): Make parameter types stricter Signed-off-by: provokateurin <kate@provokateurin.de>	7 months ago
provokateurin	18e04e1c5a	chore(RequestHeader): Remove unnecessary getters Signed-off-by: provokateurin <kate@provokateurin.de>	7 months ago
provokateurin	ad031188bc	feat(Http): Add RequestHeader attribute Signed-off-by: provokateurin <kate@provokateurin.de>	8 months ago
Ferdinand Thiessen	74bded74a3	refactor: migrate from OC to OCP in public interfaces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	8 months ago
Côme Chilliet	f033ef7c18	fix: Migrate all uses of OCP\Template to OCP\Template\ITemplateManager Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	10 months ago
Côme Chilliet	253628ad5a	fix: Fix psalm issues and add missing methods to ITemplate interface Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	10 months ago
Côme Chilliet	fec865cc29	chore: Correctly flag json encoding methods as escaping html and quotes Especially with JSON_HEX_TAG it’s perfectly fine to echo JSON, and we only use it in JSON output anyway. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	11 months ago
provokateurin	7db694f534	fix(Http): Only allow valid HTTP status code values via template Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
provokateurin	11feecf772	docs(HTTP): Add proper docs for CORS attribute Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
provokateurin	3624923af2	fix(HTTP): Adjust JSONResponse data type Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
Louis Chemineau	a2f2f7ce93	feat: Use inline password confirmation in external storage settings Signed-off-by: Louis Chemineau <louis@chmn.me>	1 year ago
Ferdinand Thiessen	a8f46af20f	chore: Add proper deprecation dates where missing Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	1 year ago
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
Christopher Ng	4fed8ed891	fix: Fix missing footer on public pages Signed-off-by: Christopher Ng <chrng8@gmail.com>	1 year ago
Ferdinand Thiessen	61d687631b	chore(ExternalShareMenuAction): Remove unused legacy properties Keep them in the constructor to not break the API, but they are not used anymore. This way of adding a share was deprecated in Nextcloud 12 (2016!), in favor of the federated share API, in Nextcloud 28 this way to create a share was removed. So we can cleanup as all it takes now to create a federeated share is the share token + federated user ID. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	1 year ago
Ferdinand Thiessen	4d2556d4cf	refactor(IMenuAction): Make public menu actions use the new Vue UI This removes custom rendering code an replaces it with the declarative menu actions. Also adjust the template to allow the Vue UI to mount. Custom entries still are possible. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	1 year ago
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	1 year ago
Ferdinand Thiessen	009761be58	test: Adjust tests for CSP nonce Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	1 year ago
Ferdinand Thiessen	86f01a3358	fix: Make sure CSP nonce is not double base64 encoded Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	1 year ago
Christopher Ng	8bbd326143	feat: Allow passing additional encode flags for json response Signed-off-by: Christopher Ng <chrng8@gmail.com>	1 year ago
Christopher Ng	b859260423	feat: Increase max depth of encoded json Signed-off-by: Christopher Ng <chrng8@gmail.com>	1 year ago
Alexander Piskun	b7af6ec200	feat: allow for ExApps to call Admin endpoints marked with specific attr Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	2 years ago
skjnldsv	a65cdd1e70	fix: ARateLimit documentation Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	2 years ago
provokateurin	355ef202e4	feat(OpenAPI): Add ex_app scope Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
provokateurin	5aefdc399e	feat(AppFramework): Add ExAppRequired attribute Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2 years ago
provokateurin	db77eab677	fix(AppFramework): Fix error message about 204 not allowing custom headers Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Julius Härtl	78ba1b0712	fix: Allow nonce in csp header also if no other reasons are given Signed-off-by: Julius Härtl <jus@bitgrid.net>	2 years ago
provokateurin	df6175ccb1	feat(AppFramework): Add Route attribute Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
Joas Schilling	f6b6776c93	fix(API): Use a distinct exception so apps can react to it and customize the return Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2 years ago
Ferdinand Thiessen	ecf9f0a872	fix(CSP): Only add `strict-dynamic` when using nonces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2 years ago
Ferdinand Thiessen	e231abd9bf	fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `script-src-elem` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2 years ago
Ferdinand Thiessen	7df9eb3351	feat(ContentSecurityPolicy): Allow to set `strict-dynamic` on `script-src-elem` only This adds the possibility to set `strict-dynamic` on `script-src-elem` only while keep the default rules for `script-src`. The idea is to allow loading module js which imports other files and thus does not allow nonces on import but on the initial script tag. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2 years ago
Joas Schilling	ffc1bb774b	feat(openapi): Add OpenAPI attribute to allow multiple scopes and overwriting tags Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
Git'Fellow	066f6ef16c	Stop sending deprecated Pragma header Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>	2 years ago
Robin Appelman	ccf57e0715	add separate event for rendering login page template Signed-off-by: Robin Appelman <robin@icewind.nl>	2 years ago
Daniel Calviño Sánchez	41f2d912d2	Allow "wasm-unsafe-eval" in CSP If a page has a Content Security Policy header and the `script-src` (or `default-src`) directive does not contain neither `wasm-unsafe-eval` nor `unsafe-eval` loading and executing WebAssembly is blocked in the page (although it is still possible to load and execute WebAssembly in a worker thread). Although the Nextcloud classes to manage the CSP already supported allowing `unsafe-eval` this affects not only WebAssembly, but also the `eval` operation in JavaScript. To make possible to allow WebAssembly execution without allowing JavaScript `eval` this commit adds support for allowing `wasm-unsafe-eval`. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2 years ago
Joas Schilling	1b387bb341	fix!: Remove legacy event dispatching Symfony's GenericEvent from AdditionalScripts Signed-off-by: Joas Schilling <coding@schilljs.com>	2 years ago
jld3103	2d6a62ccee	Add IgnoreOpenAPI attribute Signed-off-by: jld3103 <jld3103yt@gmail.com>	3 years ago
Christoph Wurst	14719110b9	chore: Replace \OC::$server->query with \OCP\Server::get in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
jld3103	b0001c6010	Add template types to responses Signed-off-by: jld3103 <jld3103yt@gmail.com>	3 years ago

1 2 3 4

195 Commits (master)