gabriel
/
nextcloud_ynh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge pull request #146 from YunoHost-Apps/enh_version_14.0.4 

Upgrade to upstream version 14.0.4
pull/149/head
frju365 7 years ago
committed by GitHub
parent
46793eb1bf 2848fe3719
commit
e289fb47b2
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 99 additions and 41 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      README.md
  2. 3
      conf/nginx.conf
  3. 2
      manifest.json
  4. 7
      scripts/upgrade.d/upgrade.13.sh
  5. 4
      scripts/upgrade.d/upgrade.last.sh
  6. 56
      sources/patches_last_version/app-00-add-logout_url-conf.patch
  7. 66
      sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch

2
README.md
View File

@ -5,7 +5,7 @@ Nextcloud for YunoHost
own data. A personal cloud which run on your own server. With Nextcloud own data. A personal cloud which run on your own server. With Nextcloud
you can synchronize your files over your devices. you can synchronize your files over your devices.
**Shipped version:** 13.0.6
**Shipped version:** 14.0.4
[![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud) [![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud)
![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png) ![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png)

3
conf/nginx.conf
View File

@ -19,6 +19,7 @@ location ^~ __PATH__ {
add_header X-Robots-Tag none; add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
# Set max upload size # Set max upload size
client_max_body_size 10G; client_max_body_size 10G;
@ -85,6 +86,8 @@ location ^~ __PATH__ {
add_header X-Robots-Tag none; add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
# Optional: Don't log access to assets # Optional: Don't log access to assets
access_log off; access_log off;
} }

2
manifest.json
View File

@ -6,7 +6,7 @@
"en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms",
"fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions"
}, },
"version": "13.0.6~ynh1",
"version": "14.0.4~ynh1",
"url": "https://nextcloud.com", "url": "https://nextcloud.com",
"license": "AGPL-3.0", "license": "AGPL-3.0",
"maintainer": { "maintainer": {

7
scripts/upgrade.d/upgrade.13.sh
View File

@ -0,0 +1,7 @@
#!/bin/bash
# Last available nextcloud version
next_version="14.0.0"
# Nextcloud tarball checksum sha256
nextcloud_source_sha256="f965c14286e7aabbfe49c947d86af59597af302c35d10e0b5440e7e6c53b8f47"

4
scripts/upgrade.d/upgrade.last.sh
View File

@ -1,10 +1,10 @@
#!/bin/bash #!/bin/bash
# Last available nextcloud version # Last available nextcloud version
next_version="13.0.6"
next_version="14.0.4"
# Nextcloud tarball checksum sha256 # Nextcloud tarball checksum sha256
nextcloud_source_sha256="90fc9e960b6a477bb14ee87042b3d158bde95c3f0157677cb4547ca7649968d4"
nextcloud_source_sha256="4f5dd15a71694bd2f15fba0d2f942e5a5b1f5aba13511c507a23324d746b40e8"
# Patch nextcloud files only for the last version # Patch nextcloud files only for the last version
cp -a ../sources/patches_last_version/* ../sources/patches cp -a ../sources/patches_last_version/* ../sources/patches

56
sources/patches_last_version/app-00-add-logout_url-conf.patch
View File

@ -1,14 +1,62 @@
core/Controller/LoginController.php | 25 ++++++++++++++-----------
1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 182d2bc106..82523e306e 100644
--- a/core/Controller/LoginController.php --- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php
@@ -119,7 +119,10 @@
@@ -95,13 +95,13 @@ class LoginController extends Controller {
* @param Throttler $throttler
*/
public function __construct($appName,
- IRequest $request,
- IUserManager $userManager,
- IConfig $config,
- ISession $session,
- IUserSession $userSession,
- IURLGenerator $urlGenerator,
- ILogger $logger,
+ IRequest $request,
+ IUserManager $userManager,
+ IConfig $config,
+ ISession $session,
+ IUserSession $userSession,
+ IURLGenerator $urlGenerator,
+ ILogger $logger,
Manager $twoFactorManager,
Defaults $defaults,
Throttler $throttler) {
@@ -130,7 +130,10 @@ class LoginController extends Controller {
} }
$this->userSession->logout(); $this->userSession->logout();
- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); - $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
+ $redirectUrl = $this->config->getSystemValue('logout_url', + $redirectUrl = $this->config->getSystemValue('logout_url',
+ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')
+ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')
+ ); + );
+ $response = new RedirectResponse($redirectUrl); + $response = new RedirectResponse($redirectUrl);
$response->addHeader('Clear-Site-Data', '"cache", "cookies", "storage", "executionContexts"');
$response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"');
return $response; return $response;
} }
@@ -303,10 +306,10 @@ class LoginController extends Controller {
$previousUser = $user;
$user = $users[0]->getUID();
if($user !== $previousUser) {
- $loginResult = $this->userManager->checkPassword($user, $password);
- }
+ $loginResult = $this->userManager->checkPassword($user, $password);
}
}
+ }
if ($loginResult === false) {
$this->logger->warning('Login failed: \''. $user .
@@ -314,7 +317,7 @@ class LoginController extends Controller {
['app' => 'core']);
return $this->createLoginFailedResponse($user, $originalUser,
$redirect_url, self::LOGIN_MSG_INVALIDPASSWORD);
- }
+ }
// TODO: remove password checks from above and let the user session handle failures
// requires https://github.com/owncloud/core/pull/24616

66
sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
View File

@ -1,33 +1,33 @@
lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 85ae127f5f..91618a09fc 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
* @return bool
*/
public function browserSupportsCspV3() {
+ // YunoHost patch: disable CSPv3 nonces to:
+ // - avoid white page on first login from YunoHost portal
+ // - allow YunoHost tile display
+ return false;
$browserWhitelist = [
Request::USER_AGENT_CHROME,
// Firefox 45+
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 64d4eb6e5d..59d5885620 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
if(!empty($this->allowedFontDomains)) {
$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
- $policy .= ';';
+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+ $policy .= ' data:;';
}
if(!empty($this->allowedConnectDomains)) {
lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 088fb2d859..15b05b75d1 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -70,6 +70,10 @@ class ContentSecurityPolicyNonceManager {
* @return bool
*/
public function browserSupportsCspV3(): bool {
+ // YunoHost patch: disable CSPv3 nonces to:
+ // - avoid white page on first login from YunoHost portal
+ // - allow YunoHost tile display
+ return false;
$browserWhitelist = [
Request::USER_AGENT_CHROME,
// Firefox 45+
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 6397d32cb9..32281a1734 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -406,7 +406,8 @@ class EmptyContentSecurityPolicy {
if(!empty($this->allowedFontDomains)) {
$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
- $policy .= ';';
+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+ $policy .= ' data:;';
}
if(!empty($this->allowedConnectDomains)) {
Write Preview
Loading…
Cancel
Save