diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2017-03-30 18:25:50 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-30 18:25:50 +0200 |
| commit | 548871a9f3b1a4a244b0467a988cc4191d49146b (patch) | |
| tree | cb4b2f69ffc28e91b4996bcccf35253f9ca55a77 | |
| parent | a51e4dd2591b8c264846e7811605dd3f5d7a5c55 (diff) | |
| parent | bb94b39745cc1b38dcc6fb12b7ec028cde3a4a11 (diff) | |
| download | nextcloud-server-548871a9f3b1a4a244b0467a988cc4191d49146b.tar.gz nextcloud-server-548871a9f3b1a4a244b0467a988cc4191d49146b.zip | |
Merge pull request #3832 from nextcloud/fix_1303
Do not clear CSRF token on logout (fix for #1303)
| -rw-r--r-- | lib/private/Session/CryptoSessionData.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php index 58020edf66d..4e0b852cb35 100644 --- a/lib/private/Session/CryptoSessionData.php +++ b/lib/private/Session/CryptoSessionData.php @@ -129,7 +129,11 @@ class CryptoSessionData implements \ArrayAccess, ISession { * Reset and recreate the session */ public function clear() { + $requesttoken = $this->get('requesttoken'); $this->sessionValues = []; + if ($requesttoken !== null) { + $this->set('requesttoken', $requesttoken); + } $this->isModified = true; $this->session->clear(); } |