History | View | Annotate | Download (25.7 kB)
Fix for Issue 35 that doesn't allow the creation of a folder which name contains slashes.
Reject invalid resource names, like '.' and '..' in both server and web client. This fixes issue 19.
Now that we keep around the cookie, give the user the opportunity to use it as the authentication token to get to a file. This way passing around simple file resource URIs is possible, and as long as the user has authenticated with the service in the current browser session, he can access the file. Furthermore, treat such simple browser access as a special case and redirect to login before returning back to the file. Now one can e-mail the file URI to another user and he can click on the link, get prompted to login (or even register for the service) and then get back to the file URI to download it automatically....
Add a new API operation for invalidating the current authentication token and returning a new one.
Requests without Authorization header should be rejected by isRequestValid().
Move create new WebDAV password URL from /users to plain / for user.
Switch reset WebDAV password from GET to POST.
Use application/json content type for all JSON responses.
Remove the redundant gss top-level directory.