upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-29 10:03:32 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
37521 commits 892 branches 1201 tags 6.6 GiB
Commit graph

6504 commits

Author SHA1 Message Date
Roeland Jago Douma
7a3acff782 Merge pull request #3874 from nextcloud/harden-js-by-disabling-eval-execution 
Harden JS by disabling jQuery eval
 2017-03-17 08:31:12 +01:00
Nextcloud bot
5683365a2c
[tx-robot] updated from transifex 2017-03-17 01:07:41 +00:00
Lukas Reschke
39afcbd49f Merge pull request #3679 from nextcloud/socialsharing 
Add social sharing
 2017-03-16 23:08:47 +01:00
Lukas Reschke
148e7abb51
Harden JS by disabling jQuery eval 
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.

This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-03-16 23:03:02 +01:00
Morris Jobke
cd4ebe2777 Merge pull request #3008 from nextcloud/appmenu-experiment 
Show apps in header
 2017-03-16 13:03:41 -06:00
Lukas Reschke
6c8d48b0f6
Harden t() with DOMPurify 
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-03-16 14:17:42 +01:00
Roeland Jago Douma
bb2ec51bbb
Fix unit tests of master 
Follow up to #3802

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-16 12:46:02 +01:00
Roeland Jago Douma
57c1be8633 Merge pull request #3802 from Ko-/master 
Check that set_time_limit is not disabled before calling it
 2017-03-16 12:27:26 +01:00
Julius Haertl
b8ef616455
Fix html formating issues 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
780400302c
Rebuild menu to keep order of icons correct 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
25e18b840b
Reduce device width and hide app name when menu is open 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
1d6fba03f4
Make enabling/disabling apps work with the new menu 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
efc681dcfe
Fix positioning of popovermenu 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
f58f8f6f47
Fix popover positioning after window resize 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
267b89f5c7
Cleanup SCSS for app menu and fix mobile view 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:10 +01:00
Julius Haertl
7eae6690ad
Make app management icon act like a normal app icon 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:09 +01:00
Julius Haertl
61dc78e6dc
Fix menu issues 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:09 +01:00
Julius Haertl
a630e4629f
Generate seperate menu list for header bar 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:09 +01:00
Julius Haertl
42feab59d5
Show app icons in the header 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2017-03-16 11:55:09 +01:00
Ko-
786ee72146 Add warning on admin screen when set_time_limit is unavailable 2017-03-16 11:48:28 +01:00
Roeland Jago Douma
4d207680f2 Merge pull request #3624 from marncz/master 
Update.js: countdown feedback before redirect
 2017-03-16 07:56:51 +01:00
Nextcloud bot
2fafdb39ac
[tx-robot] updated from transifex 2017-03-16 01:07:36 +00:00
Roeland Jago Douma
5ed45fc8e6 Merge pull request #3848 from nextcloud/remove-single-quotes-around-search-query 
Remove single quotes around search query like in user search
 2017-03-15 15:05:15 +01:00
Joas Schilling
0fe45966a0
Remove single quotes around search query like in user search 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-03-15 12:53:44 +01:00
Marcin Czarnecki
1a3617cdd6 Spacing 
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
 2017-03-15 06:35:40 +00:00
Morris Jobke
13aae43d89
Fix layout of sharing buttons 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-14 22:52:28 -06:00
Nextcloud bot
4da6b7e796
[tx-robot] updated from transifex 2017-03-15 01:07:49 +00:00
Marcin Czarnecki
df2670ca3c Update: feedback before redirect 
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
 2017-03-14 20:36:17 +00:00
Nextcloud bot
8d91c84ec4
[tx-robot] updated from transifex 2017-03-14 01:07:46 +00:00
Joas Schilling
beb3f92c4d
Remove the double password confirmation on changing cron 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-03-13 15:52:16 +01:00
Nextcloud bot
0dd0242d2f
[tx-robot] updated from transifex 2017-03-13 01:08:19 +00:00
Nextcloud bot
37fcc41004
[tx-robot] updated from transifex 2017-03-12 01:08:05 +00:00
Ko-
0024b67aaf Check that set_time_limit is not disabled before calling it 
Signed-off-by: Ko- <k.stoffelen@cs.ru.nl>
 2017-03-11 17:04:21 +01:00
Nextcloud bot
456cd81a20
[tx-robot] updated from transifex 2017-03-11 01:07:48 +00:00
Morris Jobke
c1be2d80ad
Fix login page, because only guest.css is loaded now 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-10 14:43:14 -06:00
Nextcloud bot
8904fb1cf3
[tx-robot] updated from transifex 2017-03-10 01:08:01 +00:00
Morris Jobke
0c22a66967
Add more styles to the server.scss 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-09 15:36:03 -06:00
Roeland Jago Douma
f2cf85fad2
[PoC] combine 2 scss files! 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-09 20:42:34 +01:00
Nextcloud bot
98c56f9adb
[tx-robot] updated from transifex 2017-03-08 01:07:47 +00:00
Christoph Wurst
920f611332
Apply text input styling to 'tel' inputs too 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-03-07 08:51:41 +01:00
Roeland Jago Douma
be45d6aac9
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-06 21:26:04 +01:00
Nextcloud bot
15673bc601
[tx-robot] updated from transifex 2017-03-06 01:07:58 +00:00
Nextcloud bot
badb45fce4
[tx-robot] updated from transifex 2017-03-04 01:07:41 +00:00
Roeland Jago Douma
835b49d941
Make sure copy tooltip remains when we have no social providers 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-03 13:36:20 +01:00
Roeland Jago Douma
fd71b8bde8
Move social buttons to menu 
* If there are social sharing buttons move them and the copy action to a
menu
* If there are no social sharing buttons just leave the copy action
where it is directly

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-03 13:27:06 +01:00
Roeland Jago Douma
a85327fe87
Add social sharing 
* Add socialshare manager
* Add social share field under link share

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-03-03 10:19:41 +01:00
Nextcloud bot
b55ce43ba5
[tx-robot] updated from transifex 2017-03-03 01:07:45 +00:00
Nextcloud bot
53195b156c
[tx-robot] updated from transifex 2017-03-02 16:48:52 +00:00
Nextcloud bot
aecec74a04
[tx-robot] updated from transifex 2017-03-01 01:07:42 +00:00
Lukas Reschke
b5a6f03362 Merge pull request #3643 from nextcloud/replace-deprecated-tipsy 
Replace deprecated $.tipsy(...) by $.tooltip(...)
 2017-02-28 10:49:14 +01:00