Skip to content

Commit

Permalink
Merge #251 No session on DAV API call
Browse files Browse the repository at this point in the history
  • Loading branch information
tsdicloud committed Aug 20, 2023
2 parents ad49cc3 + 70f1b3b commit 3eb99f9
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions lib/base.php
Original file line number Diff line number Diff line change
Expand Up @@ -420,13 +420,14 @@ public static function initSession(): void {
// TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies
// TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments
// TODO: for further information.
// $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
// if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
// setcookie('cookie_test', 'test', time() + 3600);
// // Do not initialize the session if a request is authenticated directly
// // unless there is a session cookie already sent along
// return;
// }
// MagentaCLOUD stays with original version of the solution from production
$isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 ||
strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
if ($request->getHeader('Authorization') !== '' && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
// Do not initialize the session if a request is authenticated directly
// unless there is a session cookie already sent along
return;
}

if ($request->getServerProtocol() === 'https') {
ini_set('session.cookie_secure', 'true');
Expand Down

0 comments on commit 3eb99f9

Please sign in to comment.