Bjoern Schiessle
|
089ae980c4
use new sanitize HTML function
|
12 years ago |
Bart Visscher
|
79f9d61ec8
Allow apps to load before login, needed for user_openid
|
12 years ago |
Bjoern Schiessle
|
0074062b53
fixed xss vulnerability
|
12 years ago |
Bjoern Schiessle
|
3ddaedee3b
fixed xss vulnerability
|
12 years ago |
Thomas Tanghus
|
f589df7366
Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874
|
12 years ago |
Thomas Tanghus
|
4f6978c30f
Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874
|
12 years ago |
Robin Appelman
|
ba1dec64c1
load all apps when loging in, needed for apps listening to login hooks
|
12 years ago |
Robin Appelman
|
ec55eaef5b
dont load apps when displaying the login page
|
12 years ago |
Frank Karlitschek
|
a945fa10a6
update copyright
|
12 years ago |
Michael Gapczynski
|
90cbc32c77
Fix redirect after login, prevent open redirects
|
12 years ago |
Michiel de Jong
|
1a874b4c56
make redirect safe by restricting it to current host
|
12 years ago |
Michiel de Jong
|
9b5e8a2c63
fix redirect to desired page after login
|
12 years ago |
Georg Ehrke
|
b35c6b57a9
allow loading of css files even if a user isn't logged in
|
12 years ago |
Georg Ehrke
|
232788396d
some changes for login
|
12 years ago |
Michael Gapczynski
|
051442bc76
Sanitize redirect urls
|
12 years ago |
Bart Visscher
|
4dbc2093c6
Create a function for linking to remote.php
|
12 years ago |
Georg Ehrke
|
e33b12a375
fix path of webdav
|
12 years ago |
Frank Karlitschek
|
d2b0de614e
fix an XSS bug
|
12 years ago |
Georg Ehrke
|
da03d05700
create folder 'remote' for the remote services like caldav, carddav and webdav
|
12 years ago |
Georg Ehrke
|
657d02371c
fix login
|
12 years ago |
Georg Ehrke
|
993d655aad
Merge branch 'master' into movable_apps_2
|
12 years ago |
Frank Karlitschek
|
74b5e22a68
some more csrf fixes
|
12 years ago |
Georg Ehrke
|
3f64eb25ab
some fixes fore movable apps
|
12 years ago |
Georg Ehrke
|
2e85313701
optimize code
|
12 years ago |
Georg Ehrke
|
85019887df
add loading of files
|
12 years ago |
Georg Ehrke
|
3e0e6e35f4
open app thru index.php
|
12 years ago |
Arthur Schiwon
|
30d524b426
load apps before logout so that logout-hook works
|
12 years ago |
Bart Visscher
|
f47444e1f7
Use separate function to make absolute urls
|
12 years ago |
Thomas Tanghus
|
f3e8776dc6
Merge git://gitorious.org/owncloud/owncloud into tanghus_remote_backup
|
13 years ago |
Robin Appelman
|
a862fec9a3
make remember login token also dependent on password to protect against some brute force attacks on this token
|
13 years ago |