source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

author	Roeland Jago Douma <roeland@famdouma.nl>
	Fri, 3 Jan 2020 12:08:37 +0000 (13:08 +0100)
committer	Roeland Jago Douma <roeland@famdouma.nl>
	Fri, 3 Jan 2020 12:12:03 +0000 (13:12 +0100)
commit	da81b71f9337621a60def04c304cb301321163b7
tree	516138a4646d0cfd69e634a15aa21395517c0eb3	tree \| snapshot
parent	7976cb7e94d2d73173d1774534c1ae636dc4e17f	commit \| diff

Only allow requesting new CSRF tokens if it passes the SameSite Cookie test

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

core/Controller/CSRFTokenController.php		diff \| blob \| history
tests/Core/Controller/CSRFTokenControllerTest.php		diff \| blob \| history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server