]> source.dussan.org Git - nextcloud-server.git/commitdiff
fix(session): Fix DAVx5 sync problems by partial reverting session changes 37306/head
authorJoas Schilling <coding@schilljs.com>
Mon, 20 Mar 2023 11:27:44 +0000 (12:27 +0100)
committerJoas Schilling <coding@schilljs.com>
Mon, 20 Mar 2023 15:30:42 +0000 (16:30 +0100)
Temporary disabled the short cut again to solve issues with CalDAV/CardDAV
clients like DAVx5 that use cookies and need a session. See
https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147
and the other comments for further information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
lib/base.php

index be931e70d5581eed9cfb13a67d74c276db0c22ba..57aad21ecd74dceb25d8d9fe6ebd924630bb2c44 100644 (file)
@@ -411,13 +411,17 @@ class OC {
 
        public static function initSession(): void {
                $request = Server::get(IRequest::class);
-               $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
-               if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
-                       setcookie('cookie_test', 'test', time() + 3600);
-                       // Do not initialize the session if a request is authenticated directly
-                       // unless there is a session cookie already sent along
-                       return;
-               }
+
+               // TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies
+               // TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments
+               // TODO: for further information.
+               // $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
+               // if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
+               // setcookie('cookie_test', 'test', time() + 3600);
+               // // Do not initialize the session if a request is authenticated directly
+               // // unless there is a session cookie already sent along
+               // return;
+               // }
 
                if ($request->getServerProtocol() === 'https') {
                        ini_set('session.cookie_secure', 'true');