]> source.dussan.org Git - nextcloud-server.git/commit
projects / nextcloud-server.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 42b0a0d) | patch
Fix CSRF token generation / validation 1966/head
authorLeon Klingele <git@leonklingele.de>
Mon, 31 Oct 2016 17:22:42 +0000 (18:22 +0100)
committerLeon Klingele <git@leonklingele.de>
Wed, 2 Nov 2016 09:38:05 +0000 (10:38 +0100)
commite5d78a35231d1412aa7427f061aacdf73d92a796
treec47ba59f46e3332426d3262150ac4290fc5fd920tree | snapshot
parent42b0a0d2afe95b974545436e112a1d97edaeeb1acommit | diff
Fix CSRF token generation / validation

Operate on raw bytes instead of base64-encoded strings.
Issue was introduced in a977465

Signed-off-by: Leon Klingele <git@leonklingele.de>
lib/private/Security/CSRF/CsrfToken.php diff | blob | history
tests/lib/Security/CSRF/CsrfTokenManagerTest.php diff | blob | history
tests/lib/Security/CSRF/CsrfTokenTest.php diff | blob | history
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server