diff options
| author | Julius Härtl <jus@bitgrid.net> | 2024-07-01 11:43:10 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-01 11:43:10 +0200 |
| commit | 3b75c5b98cd0356e99c07d9696c49732f195b3f6 (patch) | |
| tree | d47ef2f6d71d8520cd3126cb30fbc0d13946d365 /apps | |
| parent | 7525eddb96897a856efb86e77e8fa6c8e1d020c4 (diff) | |
| parent | 4d6b4b71c7af6aa00cdc9291e64491486d74f41e (diff) | |
| download | nextcloud-server-3b75c5b98cd0356e99c07d9696c49732f195b3f6.tar.gz nextcloud-server-3b75c5b98cd0356e99c07d9696c49732f195b3f6.zip | |
Merge pull request #46184 from nextcloud/fix/dav-auth-check
fix: Authorization header can be an empty string
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/Auth.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php index ee84da49d7d..9b67d960107 100644 --- a/apps/dav/lib/Connector/Sabre/Auth.php +++ b/apps/dav/lib/Connector/Sabre/Auth.php @@ -185,7 +185,7 @@ class Auth extends AbstractBasic { //Fix for broken webdav clients ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) || //Well behaved clients that only send the cookie are allowed - ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) || + ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && empty($request->getHeader('Authorization'))) || \OC_User::handleApacheAuth() ) { $user = $this->userSession->getUser()->getUID(); |