diff options
| author | John Molakvoæ <skjnldsv@users.noreply.github.com> | 2023-03-28 14:02:00 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-28 14:02:00 +0200 |
| commit | 8ee52d35b82541381d23779bdce77450311166a6 (patch) | |
| tree | 5a935cfc8fc818f43f5d1ff290a6e3a0395d50d3 /core | |
| parent | 7db8e222071421c90dfbcb91bfef11a22f4078b5 (diff) | |
| parent | 346054f85402bcf6a2ccd9d672abf6d9194ea793 (diff) | |
| download | nextcloud-server-8ee52d35b82541381d23779bdce77450311166a6.tar.gz nextcloud-server-8ee52d35b82541381d23779bdce77450311166a6.zip | |
Merge pull request #37405 from nextcloud/clear-site-data
Send Clear-Site-Data header and let browsers ignore it if unsupported
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/LoginController.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index d3873d1329e..2ddba2bb98a 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -34,7 +34,6 @@ declare(strict_types=1); */ namespace OC\Core\Controller; -use OC\AppFramework\Http\Request; use OC\Authentication\Login\Chain; use OC\Authentication\Login\LoginData; use OC\Authentication\WebAuthn\Manager as WebAuthnManager; @@ -125,7 +124,8 @@ class LoginController extends Controller { $this->session->set('clearingExecutionContexts', '1'); $this->session->close(); - if (!$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])) { + if ($this->request->getServerProtocol() === 'https') { + // This feature is available only in secure contexts $response->addHeader('Clear-Site-Data', '"cache", "storage"'); } |