mirrors/nextcloud-server
3
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-10-26 19:21:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
Nextcloud Server
23,225 Commits 696 Branches 1,154 Tags 27 GiB
PHP 56%
JavaScript 35.8%
Vue 3.4%
TypeScript 2.8%
Gherkin 1.1%
Other 0.8%
bbd5f28415
Go to file
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver 
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
.idea
3rdparty@322e9ce44a update 3rdparty to current master 2015-02-26 15:11:03 +01:00
apps Merge pull request #14573 from owncloud/enc-migrate-disable-updater 2015-03-02 14:53:29 +01:00
build php script which updates the license header in all php file in the repo 2015-02-22 20:36:36 +00:00
config Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
core Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
l10n
lib Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
ocs Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
settings Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
tests Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
themes
.bowerrc
.gitignore
.gitmodules
.htaccess Let users configure security headers in their Webserver 2015-03-02 19:07:46 +01:00
.jshintrc
.mailmap Adding .mailmap - helps to add unified authors to the license header 2015-02-22 20:36:36 +00:00
.scrutinizer.yml
.tag
.user.ini Use "off" and "off" instead of true booleans 2015-02-23 09:40:15 +01:00
AUTHORS
autotest-external.sh fix files external test run and add common-tests option 2015-02-26 13:32:44 +01:00
autotest-hhvm.sh
autotest-js.sh
autotest.cmd
autotest.sh
bower.json
buildjsdocs.sh
console.php Don't swallow errors in console.php 2015-02-28 12:31:11 +01:00
CONTRIBUTING.md
COPYING-AGPL
COPYING-README
cron.php Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
db_structure.xml set max argument length to 4000 2015-02-25 15:09:41 +01:00
index.html
index.php Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
indie.json
issue_template.md Merge pull request #10830 from Finkregh/patch-1 2015-02-24 12:13:55 +01:00
occ
public.php Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
README.md Add more HTTPS endpoints 2015-02-27 11:37:30 +01:00
remote.php Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
robots.txt
status.php Revert "Updating license headers" 2015-02-26 11:37:37 +01:00
version.php This is not 8.1 pre alpha 2015-02-28 00:26:31 +01:00

README.md

ownCloud

ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.

Build Status on Jenkins CI

Git master: Build Status

Quality:

  • Scrutinizer: Scrutinizer Quality Score
  • CodeClimate: Code Climate

Installation instructions

https://doc.owncloud.org/server/8.0/developer_manual/app/index.html

Contribution Guidelines

https://owncloud.org/contribute/

Get in touch

Important notice on translations

Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/

Transifex

For more detailed information about translations: http://doc.owncloud.org/server/8.0/developer_manual/core/translation.html