nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Bennet Becker	f5bf2517ca	revert .htaccess to commit previous to PR (was changed by autoloaderchecker.sh or composer?) Signed-off-by: Bennet Becker <dev@bennet.cc>	2 years ago
Bennet Becker	77569bae45	ran build/autoloaderchecker.sh after adding AutoSubmittedValue class Signed-off-by: Bennet Becker <bbecker@pks.mpg.de>	2 years ago
MichaIng	ea0e45d81e	Remove legacy Internet Explorer headers X-UA-Compatible and X-Download-Options headers are interpreted or relevant for Internet Explorer only. With the deprecation of Internet Explorer support in Nextcloud 20 and planned support removal already in Nextcloud 22, these became obsolete and are hereby removed, including their removal from setup checks. Signed-off-by: MichaIng <micha@dietpi.com>	3 years ago
Carl Schwan	7dddbd0c35	Improve caching policy * Cache css with version in url. This makes most js and css requests to be cached by the browser * Force caching previews, the etag is in the url so that if the propfind gives a new etag, we will refresh it otherwise it's no use to try to fetch the new etag and do tons of DB queries Tested with firefox and 'debug' => false (important so that the js/css urls are generated with ?v= parameter) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	3 years ago
Daniel Calviño Sánchez	24bc96ad09	Allow to serve static WebAssembly and TensorFlow Lite files Since Talk 13 (and thus Nextcloud 23) WebAssembly (.wasm) and TensorFlow Lite (.tflite) files need to be loaded from the web server to provide certain features (like the background blur in the WebUI). Those files can be treated in a similar way to other static resources, and there should not be any problem caching or compressing them. However, as compressed TensorFlow Lite files are only ~12% smaller, the compression directive depends on the MIME type and there is no standard MIME type for TensorFlow Lite files it is not worth to compress them. Moreover, no directives to compress WebAssembly files were added either, as it seems that they would override any other compression directives set in the default server configuration; for reference it could be done with something like: <IfModule mod_deflate.c> <IfModule mod_filter.c> AddOutputFilterByType DEFLATE application/wasm </IfModule> </IfModule> Depending on the setup "application/wasm" may not be associated with ".wasm" files, so the directive was added just in case, as otherwise browsers log a warning. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	3 years ago
acsfer	3ee82e4405	Fix module name for PHP8+	3 years ago
acsfer	2303eebcc8	Update .htaccess (PHP8 and mod_lsapi) - Add `mod_lsapi` (Cloudlinux) authorization headers - Add `mod_php8` php_values - Reformating for better lisibilty	3 years ago
acsfer	ac9465e96d	Cache images on browser Fix #26851	3 years ago
Julius Härtl	98198e042e	Make sure we properly ass well-known paths to index.php Signed-off-by: Julius Härtl <jus@bitgrid.net>	4 years ago
Christoph Wurst	6995223b1e	Add well known handlers API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4 years ago
zertrin	af5380f5a8	Fix security header setting in .htaccess by adding 'onsuccess unset' The headers might already be set by the system administrator at the http server level (apache or nginx) for some or all virtualhosts. Using "always set" in the .htaccess of Nextcloud leads to the situation where the headers might be set twice (once in the default 'onsuccess' table and once in the 'always' table)! Which leads to warnings in the admin area. Adding "onsuccess unset" solves the problem, and forces the header in the 'onsucess' table to be unset, and the header in the 'always' table to be set. NOTE: with this change, Nextcloud overrides whatever the system administrator might have already set See github issues #16893 #16476 #16938 #18017 and discussion in PR #19002 Signed-off-by: zertrin <zertrin@gmail.com>	5 years ago
Maxence Lange	bf408c58c2	+nodeinfo public service Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	5 years ago
J0WI	1b074f48d8	Remove duplicated spaces Signed-off-by: J0WI <J0WI@users.noreply.github.com>	5 years ago
J0WI	bd9403d3da	Use "always" condition for security headers Signed-off-by: J0WI <J0WI@users.noreply.github.com>	5 years ago
J0WI	3f2932c75a	Sort headers Signed-off-by: J0WI <J0WI@users.noreply.github.com>	5 years ago
J0WI	76cbd7db6e	Add X-Frame-Options header to .htaccess Signed-off-by: J0WI <J0WI@users.noreply.github.com>	5 years ago
tobiasKaminsky	efa0733b04	wip Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>	5 years ago
tobiasKaminsky	b81fb182b3	wip Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>	5 years ago
Joas Schilling	c6a69ba925	Remove the upload and memory setting * Remove unneeded private method phpFileSize() * Bump autoloader * Remove setUploadLimit tests * Remove integrity check hacks for upload limit Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Morris Jobke	92b5743bf4	Remove unused php5 config from .htaccess Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Ido Green	c320f48599	cleaning after comments on issue 10825 More: https://github.com/nextcloud/server/pull/10825#issuecomment-415800850 Signed-off-by: Ido Green <greenido@gmail.com>	6 years ago
Ido Green	c794452689	fixing issue 9931 - copy a file to the same directory Signed-off-by: Ido Green <greenido@gmail.com> Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Julius Härtl	b9f2ce2796	Fix loading of .woff2 files in .htaccess Signed-off-by: Julius Härtl <jus@bitgrid.net>	6 years ago
Patrik Kernstock	8cdd906d66	Add "Referrer-Policy" to htaccess file, addresses issue #11099 Signed-off-by: Patrik Kernstock <info@pkern.at>	6 years ago
Maxence Lange	6642efa7f4	adding .well-known/webfinger Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	6 years ago
Dan Callahan	8797590099	Correct mistaken regex wildcard in .htaccess Fixes #8578 Signed-off-by: Dan Callahan <dan.callahan@gmail.com>	7 years ago
Robert Scheck	7583615bab	Handle SSL certificate verifications for others than Let's Encrypt Do no longer (wrongly) rewrite URLs like * http://example.net/.well-known/pki-validation/file.txt (Comodo) * http://example.net/.well-known/pki-validation/fileauth.txt (DigiCert, Thawte, GeoTrust) * http://example.net/.well-known/pki-validation/gsdv.txt (GlobalSign) * http://example.net/.well-known/pki-validation/starfield.htm (Starfield, GoDaddy) * http://example.net/.well-known/pki-validation/swisssign-check.txt (SwissSign) for automated SSL certificate verifications. All (common commercial) certificate authorities (CA) except Let's Encrypt (via ACME) seem to use "pki-validation" rather "acme-challenge" for their domain control validation (DCV). Signed-off-by: Robert Scheck <robert@fedoraproject.org>	7 years ago
Abijeet	ac14d02e1e	Added newline to end of htaccess file Signed-off-by: Abijeet <abijeetpatro@gmail.com>	7 years ago
Abijeet	ec28c54dbc	Adds search by email function on the users screen. Fixes #7175. - Updated the query to fetch the users in users > everyone tab. - Updated the query to fetch the users in users > admin tab. - Tested to ensure that the disabled users are also being fetched. - Added test cases. Signed-off-by: Abijeet <abijeetpatro@gmail.com>	7 years ago
Roeland Jago Douma	88299ec27c	Added to public interface Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	7dcc98eb20	Add owner to access list Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Lukas Reschke	bff6c8aafc	Move X-Frame-Options into PHP The public calendar view should be embeddable and we can't do that if the .htaccess sets a global X-Frame-Options. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	8 years ago
Flole998	075d39e61a	Fix for Win Clients sometimes not connecting Fix for Win Clients sometimes not connecting	8 years ago
Jörn Friedrich Dreyer	9802c5cdd8	Cache js, css and woff files for a week (#26591 ) increases the cache duration for css and js files from 2 hours to half a year. Should they change the versionhash changes as well and a new file is fetched. Half a year should be long enough for oc updates. Also allows caching woff files for 7 days. Currently, there is no versionhash available, but pressing F5 will also refresh the woff files.	8 years ago
Joas Schilling	a3c8534b7b	Make sure memory limit is > post size and upload filesize	8 years ago
Lukas Reschke	35743c187d	Also cache WOFF, SVG and GIF	8 years ago
Thomas Müller	bfcd1dc49c	Filter confidential calendar objects in shared calendars Filter private calendar objects in shared calendars	9 years ago
Thomas Müller	082f456b8b	Added unit testing for the migration step	9 years ago
Martin	1059315e09	.htaccess update making two rules non-capturing	9 years ago
Roeland Jago Douma	abe338f433	Store user bucket in preferences	9 years ago
Roeland Jago Douma	e03e4921a0	Fix Name	9 years ago
Lukas Reschke	52add798d4	Do not automatically try to enable index.php-less URLs (#24539 ) The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur l` entry and then derives the `RewriteBase` from it. This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc. This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…) Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`. For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master. Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9. Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.	9 years ago
Lukas Reschke	24abe1e1e1	Use raw PATH_INFO PATH_INFO will be empty at this point and thus the logic in base.php did not catch this. Changing this to "getRawPathInfo" will ensure that the path info is properly read. Fixes https://github.com/owncloud/core/issues/23199	9 years ago
Lukas Reschke	ee84017192	always_populate_raw_post_data has been removed with PHP 7.0	9 years ago
Lukas Reschke	2cfde7cd0b	Duplicate block for PHP 7	9 years ago
Stephan Köninger	73a7c45dd4	Allow jpg files to be statically served When using an background image in themes of type JPG, the current setting of owncloud's htaccess file does not allow to deliver these kinds of images as static content. Adding the file extensions as done in this commit, it works flawlessly.	9 years ago
Lukas Reschke	bc4a043a76	Add base rewrite rule only when RewriteBase is defined In case Apache is configured with an `Alias` such as with the ownCloud packages the rewrite rules will fail when no valid RewriteBase is configured.	9 years ago
Lukas Reschke	0a624c0f1e	Exclude ocs-provider from rewrite rule Otherwise `localhost/ocs-provider/` cannot be accessed if mod_rewrite is install ed. Only affects master.	9 years ago
Victor Dubiniuk	4ced903427	Do not rewrite updater requests	9 years ago
Lukas Reschke	4d0dcd3c53	Add X-Download-Options and X-Permitted-Cross-Domain-Policies Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---	9 years ago

1 2 3

132 Commits (7e725c5d9402de8bbf997ebaf0f8ab2bd9f1287e)