From 705165d3d14b1ac660e15751a07bd50ff9d2a695 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 20 Mar 2023 12:27:44 +0100 Subject: [PATCH] fix(session): Fix DAVx5 sync problems by partial reverting session changes Temporary disabled the short cut again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies and need a session. See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments for further information. Signed-off-by: Joas Schilling --- lib/base.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/lib/base.php b/lib/base.php index be931e70d55..57aad21ecd7 100644 --- a/lib/base.php +++ b/lib/base.php @@ -411,13 +411,17 @@ class OC { public static function initSession(): void { $request = Server::get(IRequest::class); - $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0; - if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) { - setcookie('cookie_test', 'test', time() + 3600); - // Do not initialize the session if a request is authenticated directly - // unless there is a session cookie already sent along - return; - } + + // TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies + // TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments + // TODO: for further information. + // $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0; + // if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) { + // setcookie('cookie_test', 'test', time() + 3600); + // // Do not initialize the session if a request is authenticated directly + // // unless there is a session cookie already sent along + // return; + // } if ($request->getServerProtocol() === 'https') { ini_set('session.cookie_secure', 'true'); -- 2.39.5