diff options
| author | provokateurin <kate@provokateurin.de> | 2024-05-05 08:32:10 +0200 |
|---|---|---|
| committer | provokateurin <kate@provokateurin.de> | 2024-05-06 06:18:14 +0200 |
| commit | a77ef6057c9a694103a27984bb51ee3c49390346 (patch) | |
| tree | 22a8e1f44790fe20806b6e3848b0a968729e191c | |
| parent | d8e0d36d810078c54773754ca0fa8a620f8f407d (diff) | |
| download | nextcloud-server-fix/appframework/csrf-request-checks.tar.gz nextcloud-server-fix/appframework/csrf-request-checks.zip | |
fixup! refactor(AppFramework): Improve and document cookie check requirementsfix/appframework/csrf-request-checks
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 0c5f45ce43e..fea68e9cfda 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -487,7 +487,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { /** * Whether the cookie checks are required * - * In case the OCS-APIRequest header is set or the user has no session, we don't to check the cookies because the client is not a browser and thus doesn't need CSRF checks. + * In case the OCS-APIRequest header is set or the user has no session, we don't need to check the cookies because the client is not a browser and thus doesn't need CSRF checks. * * @return bool */ |