Make authenticated cookies lax - nextcloud-server.git - Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

diff options

author	Roeland Jago Douma <roeland@famdouma.nl>	2018-09-28 15:06:48 +0200
committer	Roeland Jago Douma <roeland@famdouma.nl>	2018-09-28 16:44:37 +0200
commit	9a7265babf8712b1fb0e61c2d735b85f29555272 (patch)
tree	427d2b727c92f7e66c446aa117746d73e8c8f3bc /CODE_OF_CONDUCT.md
parent	db50e11edf608b6225e253610f7435089824a2c2 (diff)
download	nextcloud-server-9a7265babf8712b1fb0e61c2d735b85f29555272.tar.gz nextcloud-server-9a7265babf8712b1fb0e61c2d735b85f29555272.zip

Make authenticated cookies lax

This protects our cookies a bit more. It makes sure that when a 3rdparty websites embededs a public alendar for example. That all the users see this in anonymous mode there. It adds a small helper function. In the future we can think about protecting other cookies like this as well. But for now this is sufficient to not have the user logged in at all when doing 3rdparty requests. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Diffstat (limited to 'CODE_OF_CONDUCT.md')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: