authorjaltek <jaltek@mailbox.org>2018-01-31 14:17:56 +0100
committerRoeland Jago Douma <roeland@famdouma.nl>2018-06-06 22:13:35 +0200
commitc79dc0e08f9234739eccf07e13b971aa4664d86f (patch)
treecc492d6ae139e9db4bddec3aa87fccfcdf9145f3 /config
parentebdd3fb64a55fce706f97afa2f8ad529de05cabc (diff)
Configurable list for opt out from same site cookie protection
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'config')
-rw-r--r--config/config.sample.php10
1 files changed, 10 insertions, 0 deletions
diff --git a/config/config.sample.php b/config/config.sample.php
index 40d83cea372..fb767c9cf8c 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -1595,4 +1595,14 @@ $CONFIG = array(
*/
'gs.federation' => 'internal',
+/**
+ * List of incompatible user agents opted out from Same Site Cookie Protection.
+ * Some user agents are notorious and don't really properly follow HTTP
+ * specifications. For those, have an opt-out.
+ */
+'csrf.optout' => array(
+ '/^WebDAVFS/', // OS X Finder
+ '/^Microsoft-WebDAV-MiniRedir/', // Windows webdav drive
+),
+
);
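Review bot: The docblock for `csrf.optout` does not tell an administrator what the entries are or what they give up by adding one. Judging from the delimited, `^`-anchored sample values, the entries look like regular expressions matched against the User-Agent header, which is a value the client chooses. I would add a line such as `* Each entry is a regular expression matched against the User-Agent header; keep patterns anchored and as narrow as possible, since a matching request is exempt from the same-site cookie check.` The key is named `csrf.optout` while the text speaks of Same Site Cookie Protection, so one sentence tying the two terms together would also help. The `$CONFIG` array begins outside this hunk.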