Releases: coreruleset/nextcloud-rule-exclusions-plugin
Releases · coreruleset/nextcloud-rule-exclusions-plugin
v1.3.1
This release contains a security fix, all users are recommended to upgrade to this version.
What's Changed
- fix: sync allowed content types to fix 9EA-241022 by @EsadCetiner in #104
- chore: prepare for 1.3.1 release by @EsadCetiner in #105
Full Changelog: v1.3.0...v1.3.1
v1.3.0
What's Changed
- fix: fp with creating/uploading shares and files by @EsadCetiner in #77
- style: fix spaghetti regex for recognize by @EsadCetiner in #78
- fix: sqli fp with tokens and special characters by @EsadCetiner in #79
- fix: multiple false positives in nc deck web ui by @EsadCetiner in #81
- fix: false positives with syncing contacts and deleting contacts by @EsadCetiner in #83
- fix: reordering card stacks in deck fp by @EsadCetiner in #85
- fix: dismissing notifications on iOS by @EsadCetiner in #89
- docs: list supported/unsupported apps by @EsadCetiner in #90
- feat: add support for Nextcloud Cookbook by @EsadCetiner in #91
- refactor: overhaul and cleanup rule exclusions for settings by @EsadCetiner in #86
- fix: use case insensitivity for public shares when entering passwords by @EsadCetiner in #82
- fix: fp regression in carddav by @EsadCetiner in #95
- refactor: cleanup and overhaul text editor rules and tests by @EsadCetiner in #94
- docs: add link for conditionally enabling/disabling plugin by @EsadCetiner in #98
- docs: update locations for increasing max file upload size by @EsadCetiner in #97
- feat: add support for nextcloud 30 by @EsadCetiner in #99
- fix: use correct parsers for content types by @EsadCetiner in #101
- fix: renaming tagged faces in photos app by @EsadCetiner in #102
- chore: prepare for 1.3.0 release by @EsadCetiner in #103
Full Changelog: v1.2.0...v1.3.0
v1.2.0
What's Changed
- fix: .well-known/webdav fp by @YeapGuy in #69
- feat: add support for Nextcloud 28 by @EsadCetiner in #62
- fix: requesting a static file at pl-2 by @EsadCetiner in #67
- fix: opening an image on public share by @EsadCetiner in #68
- fix: caldav fp on iphone by @EsadCetiner in #66
- fix: fp regression with xml content by @EsadCetiner in #72
- feat: add support for Nextcloud 29 by @EsadCetiner in #73
- chore: prepare for 1.2.0 release by @EsadCetiner in #74
New Contributors
Full Changelog: v1.1.0...v1.2.0
v1.1.0
What's Changed
- Fix: False positive in deck application by @mivek in #53
- chore: update copyrights by @theseion in #55
- feat: add support for Nextcloud Office by @EsadCetiner in #56
- fix: SecAction can't be disabled via ctl action by @EsadCetiner in #43
- Allow the PUT method globally in the deck app. by @mivek in #58
- fix: text editor in public share and token related FPs by @EsadCetiner in #59
- chore: use flag in regexes for case insensitive matching by @theseion in #60
- fix: rules and tests after running at paranoia level 4 by @theseion in #61
- chore: update version to 1.1.0 by @theseion in #57
New Contributors
Full Changelog: v1.0.0...v1.1.0
v1.0.0
What's Changed
- Use new mechanism to disable plugin by @theseion in #1
- fix: Adjust phases for rules setting TX variables by @theseion in #3
- Fixing link to docs by @azurit in #4
- Fixing FP with PDF upload by @azurit in #7
- fix: use correct GH workflow setup by @theseion in #10
- decrease the 'phase' values by @Xhoenix in #11
- fix FPs by @Xhoenix in #12
- feat: Copy of tx.allowed_request_content_type and tx.allowed_methods initialization by @azurit in #14
- fix: avatars and plain text files FPs by @Xhoenix in #13
- Fix for few FPs by @Xhoenix in #15
- Fix few FPs by @Xhoenix in #17
- fix webauthn and authtoken FPs by @Xhoenix in #18
- fix: update phase values for allowed content types by @Xhoenix in #22
- fix: autosave and logging FPs by @Xhoenix in #24
- Add support for Nextcloud Notes by @EsadCetiner in #23
- Fix FP when logging in, Nextcloud Text app and when adding custom CSS code by @EsadCetiner in #26
- Fix FP with Photos, Circles, Notes, Contacts, Files and Settings by @EsadCetiner in #27
- Address FP in NC 27 file manager - details - versioning and system tags by @TGion in #29
- Add support for Nextcloud Mail by @EsadCetiner in #30
- Actions order by @azurit in #31
- Remove Duplicate rules, fix FPs and Tighten a few rules by @EsadCetiner in #33
- Fix XML parser failing by @EsadCetiner in #35
- Resolve FPs reported under issue 6 by @EsadCetiner in #37
- fix FP for photos app (albums, sharedalbums, places) by @mhastu in #36
- Fix Recognize, Passwords, Cookie, Text Editor, Search, and deleting mailbox FPs by @EsadCetiner in #39
- fix: don't inspect REQUEST_FILENAME of uploads by @theseion in #40
- Fix: various file upload FPs by @EsadCetiner in #42
- fix: file uploads FP from Windows client by @EsadCetiner in #47
- fix: xml parser failure when restoring file to old version by @EsadCetiner in #48
- fix: request smuggling FP when uploading via android client by @EsadCetiner in #45
- feat: add support for smart picker by @EsadCetiner in #49
- fix: sending mail and adjusting settings FP with newer NC mail versions by @EsadCetiner in #50
- fix: FPs with authentication by @EsadCetiner in #51
- fix: false positives when adjusting various settings by @EsadCetiner in #52
New Contributors
- @theseion made their first contribution in #1
- @azurit made their first contribution in #4
- @Xhoenix made their first contribution in #11
- @EsadCetiner made their first contribution in #23
- @TGion made their first contribution in #29
- @mhastu made their first contribution in #36
Full Changelog: https://github.com/coreruleset/nextcloud-rule-exclusions-plugin/commits/v1.0.0