Commit Graph

1178 Commits

Author SHA1 Message Date
Ralf Becker
464f1b3894 never invalidate session in sharing, as we cant regenerate it (and we dont need to) 2017-11-07 13:03:30 +01:00
Ralf Becker
1222ef1813 also log if _check_script_tag was able to disarm XSS automatic 2017-11-07 12:24:15 +01:00
Hadi Nategh
0ec79af82f Fix mime handler for sharing 2017-11-07 10:51:40 +01:00
Ralf Becker
5d1217b89b deny sharing owner rights (chmod, chgrp, set eACL) and disable eACL tab 2017-11-06 15:19:19 +01:00
Ralf Becker
3b2375e34f Changelog for 17.1.20171106 2017-11-05 09:16:19 +00:00
Ralf Becker
f21b13090f pending translations from our translation server 2017-11-04 09:36:02 +01:00
nathangray
df4f4deb1f Etemplate - Make sure to not return an empty string, it will fail when queried 2017-11-03 14:37:46 -06:00
nathangray
06e41356bd Better handling for thumbnail tooltip if not in nextmatch row 2017-11-03 13:07:02 -06:00
nathangray
dda47ca863 Disable extended ACL for readonly shares 2017-11-03 10:28:27 -06:00
Hadi Nategh
873a2a93d8 Allow multiple mime types 2017-11-03 15:05:35 +01:00
Ralf Becker
4ebf79d0e1 * Sharing/Collabora: allow to use Collabora on writable shares (EPL only) 2017-11-03 12:43:09 +01:00
nathangray
ef7956f34b Make sure lang gets passed on to registration 2017-11-02 11:13:29 -06:00
nathangray
069d49afba Disable copy / paste for readonly shares 2017-11-02 09:43:08 -06:00
Ralf Becker
3689b3d645 * Filemanager/Sharing: deny rename, move, mkdir and rmdir on readonly share 2017-11-02 13:34:10 +01:00
Ralf Becker
3a24416eb9 suppress notice screwing up thumbmails, if notices are on 2017-11-02 13:23:36 +01:00
Hadi Nategh
3465c40b50 Remove unsafe-eval CSP for CKEditor 2017-11-02 11:02:16 +01:00
A Sigalas
df6898a11c Add discard image to buttons 2017-11-01 11:59:11 +00:00
Ralf Becker
0813403b5b * All apps: get sharing working with files attached to application entries 2017-10-31 10:51:59 +01:00
Ralf Becker
b9594ea357 fix typo 2017-10-31 10:49:12 +01:00
Ralf Becker
b5574da397 remove system call used for PHP < 5.3.1 2017-10-31 09:55:23 +01:00
Ralf Becker
a4526c98cb store CalDAV/CardDAV log in user spezific log directories 2017-10-30 15:00:42 +01:00
nathangray
616c11c1fb Fix wrong table name 2017-10-27 17:48:42 +02:00
nathangray
0d14155472 Fix minimum fs_id was not returning proper value 2017-10-27 17:43:40 +02:00
nathangray
90ce0cc7b6 Add a function to get the lowest fs_id for a path 2017-10-27 17:43:40 +02:00
Hadi Nategh
f42801236a Override the globalEval to mitigate potential execution of script tag 2017-10-27 17:42:44 +02:00
Ralf Becker
12dbfca137 check cookies for XSS attempts 2017-10-27 16:52:34 +02:00
nathangray
5750904809 Fix setlocale to be able to find locales on Ubuntu 2017-10-27 10:54:39 +02:00
Ralf Becker
92584a61ad * Update: fix not finishing update for more then 100 photos in addressbook
caused by contact_jpegphoto was not set to NULL, as column no longer exists in tables_current
2017-10-26 21:27:16 +02:00
Ralf Becker
5b573abef7 do not allow path traversal and htmlencode displayed path 2017-10-26 13:16:52 +02:00
nathangray
fdb47ab168 Merge calendar events into user account if there is one over user contact 2017-10-26 09:16:02 +02:00
Ralf Becker
77b42dd9a4 always send X-Content-Type-Options: nosniff
It does not harm and stops unpredictable results from browsers changing our content-types
(FF 50+ now also supports nosniff)
2017-10-25 17:35:30 +02:00
Ralf Becker
d11fe532d8 Changelog for 17.1.20171023 2017-10-23 17:27:18 +00:00
Hadi Nategh
fdb3202b6b Add new config to the admin site configuration in order to be able to upload a custom header logo 2017-10-23 13:23:52 +02:00
nathangray
b381a9aa0c Timestamp widget fixes:
- Remove new line before timestamp
- Fix focus not going to where it should
2017-10-23 12:10:45 +02:00
Hadi Nategh
c88e3b8a69 Disable new button and new action in filemanager when there's no writable right 2017-10-23 12:08:33 +02:00
nathangray
b8f8a014fa Move all tests under api/src into api/tests 2017-10-23 10:14:14 +02:00
nathangray
24de1dff3b Move PHPUnit tests from test to tests subdirectory 2017-10-23 09:51:28 +02:00
Ralf Becker
65b02c0246 bump verison to 17.1 2017-10-22 12:56:58 +02:00
Ralf Becker
c88e6e0237 disabling E_DEPRECATED, as contrib apps wont work under PHP 7.1 with having eg. contructors with same name as the class 2017-10-21 12:03:10 +02:00
nathangray
d3c596a443 - Add a parameter to pass in the class of the notification to use so we can pass in a test one
- Explicitly tell notification what type of message (plain or html) we're giving it
2017-10-21 11:29:05 +02:00
nathangray
b8f4af5602 Documentation update from the move of tests into app/tests subdirectory (not app/inc/test or app/test) 2017-10-21 11:29:05 +02:00
Hadi Nategh
ff4396030a Fix CKEditor Browse Server button to open vfsSelect 2017-10-20 18:55:22 +02:00
nathangray
31c007bac7 Give a better message if the test table is missing (Check test app not installed) 2017-10-20 10:20:49 +02:00
nathangray
accd6187e2 Get date widget duration test working again 2017-10-20 09:56:47 +02:00
nathangray
9e6ecce1d0 Move tests into app/tests subdirectory (not app/inc/test or app/test) 2017-10-18 18:30:54 +02:00
nathangray
237d81ce36 Move tests into app/tests subdirectory (not app/inc/test or app/test) 2017-10-18 15:43:35 +02:00
nathangray
865fd6405d Move sanity check to a pre-condition check 2017-10-18 11:47:28 +02:00
Ralf Becker
3ae16b20e6 added test app in fixtures 2017-10-18 11:42:03 +02:00
Ralf Becker
1d7fb9fe90 improve check $GLOBALS[egw] is correctly initilized 2017-10-18 09:10:39 +02:00
nathangray
cd49f6568d Replace the lost boolean cast 2017-10-17 16:48:35 +02:00