diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-05-17 22:07:20 +0200 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-05-26 13:21:08 +0200 |
| commit | 5eb6d7bc05993308fb8a1a88d95bcb08dc450d43 (patch) | |
| tree | 79f5affa84f23856c7db6e3eacfe6084c786aaf1 | |
| parent | 043acfebab11e4fdfdda9f412543f3d08b30c33c (diff) | |
| download | nextcloud-server-5eb6d7bc05993308fb8a1a88d95bcb08dc450d43.tar.gz nextcloud-server-5eb6d7bc05993308fb8a1a88d95bcb08dc450d43.zip | |
Regenerate session id after public share auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
| -rw-r--r-- | apps/files_sharing/lib/Controller/ShareController.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index 3669d8fda46..f8749526900 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -204,6 +204,7 @@ class ShareController extends Controller { private function linkShareAuth(\OCP\Share\IShare $share, $password = null) { if ($password !== null) { if ($this->shareManager->checkPassword($share, $password)) { + $this->session->regenerateId(); $this->session->set('public_link_authenticated', (string)$share->getId()); } else { $this->emitAccessShareHook($share, 403, 'Wrong password'); |