[Pkg-owncloud-commits] [owncloud-doc] 94/270: fix some dev docs
David Prévot
taffit at moszumanska.debian.org
Thu Jul 31 03:53:05 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository owncloud-doc.
commit 0ad6088262b812a182e2e27b1d444b69d474258a
Author: Bernhard Posselt <dev at bernhard-posselt.com>
Date: Thu May 22 19:34:59 2014 +0200
fix some dev docs
---
developer_manual/general/security.rst | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/developer_manual/general/security.rst b/developer_manual/general/security.rst
index 332489c..1de5c9d 100644
--- a/developer_manual/general/security.rst
+++ b/developer_manual/general/security.rst
@@ -67,8 +67,6 @@ To prevent XSS in your app, **never use echo, print() or <\%=** - use **p()** in
.. note:: Should you ever require to print something unescaped, double check if it is really needed. If there is no other way (e.g. when including of subtemplates) use `print_unescaped` with care.
-If you use the App Framework with Twig templates everything is already escaped by default.
-
JavaScript
~~~~~~~~~~
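Review bot: The removed sentence about Twig escaping, at the end of the XSS template section just before the "JavaScript" heading, goes away without any reason given in the commit message ("fix some dev docs"). If Twig templates are no longer supported with the App Framework, say so in the commit message or in the docs. Otherwise a reader with existing Twig templates no longer learns from this section whether their output is escaped by default or whether they need to take the same care described for p() and print_unescaped.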
@@ -107,7 +105,7 @@ Clickjacking
To prevent such attacks ownCloud sends the `X-Frame-Options` header to all template responses. Don't remove this header if you don't really need it!
-This is already built into ownCloud if :php:class:`OC_Template` or Twig Templatse are used.
+This is already built into ownCloud if :php:class:`OC_Template`.
Code executions / File inclusions
---------------------------------
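Review bot: The added line "This is already built into ownCloud if :php:class:`OC_Template`." in the Clickjacking section is an incomplete sentence, because the verb was deleted together with the Twig reference. Suggest "This is already built into ownCloud if :php:class:`OC_Template` is used." so it stays clear under which condition the `X-Frame-Options` header is sent automatically.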
@@ -198,9 +196,9 @@ Auth bypass/privilege escalations happens when a user is able to perform not aut
ownCloud offers three simple checks:
-* **OCP\JSON::checkLoggedIn()**: Checks if the logged in user is logged in
-* **OCP\JSON::checkAdminUser()**: Checks if the logged in user has admin privileges
-* **OCP\JSON::checkSubAdminUser()**: Checks if the logged in user has group admin privileges
+* **OCP\\JSON::checkLoggedIn()**: Checks if the logged in user is logged in
+* **OCP\\JSON::checkAdminUser()**: Checks if the logged in user has admin privileges
+* **OCP\\JSON::checkSubAdminUser()**: Checks if the logged in user has group admin privileges
Using the App Framework, these checks are already automatically performed for each request and have to be explicitely turned off by using annotations above your controller method, see :doc:`../app/controllers`.
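Review bot: The first re-added bullet still reads "Checks if the logged in user is logged in", which is circular. Since all three lines are touched for the backslash escaping anyway, reword it to "Checks if the user is logged in". The unchanged sentence right after the list has the typo "explicitely" (should be "explicitly"), which could be fixed in the same commit. It would also help to state that code not using the App Framework has to call these checks itself, since the following sentence only covers the automatic case.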
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud-doc.git