David Christofas comments

Results 25 comments of


                                            David Christofas

PROPFIND on (password protected) public link returns invalid XML

But as far as I understand this issue it's not about permissions. The issue is about the invalid xml: `

PROPFIND on (password protected) public link returns invalid XML

At least this is what I understood.

Do we need to update the license header in every file to 2022

AFAIK only when you create a new file or edit one. The ones which were not touched don't get an updated year.

Collection of temporary API hacks in edge

https://github.com/cs3org/reva/pull/2616

Collection of temporary API hacks in edge

https://github.com/cs3org/reva/pull/2624

Collection of temporary API hacks in edge

https://github.com/cs3org/reva/pull/2666

Encrypt access tokens

I think this concept is good. > In some cases like SaaS Web Office (eg. Office 365) the attack surface is unknown and out of your control. So one should...

I wasn't been able to test this in Office365 yet but at least on OnlyOffice there is the option to add macros to a document under the plugins tab. ![image](https://user-images.githubusercontent.com/5579653/195386386-da8aedba-0aa9-49b1-b974-9b35eff50736.png)...

Encrypt access tokens

> Yet, as an attacker, you'd need to get control over the client's browser to be able to execute that macro. Otherwise how would you force a client to execute...

Encrypted files are not self-contained

One option is to add the file version to the encrypted file header.