diff options
| author | Joas Schilling <coding@schilljs.com> | 2023-03-20 12:27:44 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2023-03-20 16:30:42 +0100 |
| commit | 705165d3d14b1ac660e15751a07bd50ff9d2a695 (patch) | |
| tree | 9ac7f15ad3d79cde13bc3bd7b1e7c5737c433bb8 /lib/base.php | |
| parent | 07448168dcce5972678473346bf2861ee3f1559b (diff) | |
| download | nextcloud-server-705165d3d14b1ac660e15751a07bd50ff9d2a695.tar.gz nextcloud-server-705165d3d14b1ac660e15751a07bd50ff9d2a695.zip | |
fix(session): Fix DAVx5 sync problems by partial reverting session changes
Temporary disabled the short cut again to solve issues with CalDAV/CardDAV
clients like DAVx5 that use cookies and need a session. See
https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147
and the other comments for further information.
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/base.php')
| -rw-r--r-- | lib/base.php | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/lib/base.php b/lib/base.php index be931e70d55..57aad21ecd7 100644 --- a/lib/base.php +++ b/lib/base.php @@ -411,13 +411,17 @@ class OC { public static function initSession(): void { $request = Server::get(IRequest::class); - $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0; - if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) { - setcookie('cookie_test', 'test', time() + 3600); - // Do not initialize the session if a request is authenticated directly - // unless there is a session cookie already sent along - return; - } + + // TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies + // TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments + // TODO: for further information. + // $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0; + // if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) { + // setcookie('cookie_test', 'test', time() + 3600); + // // Do not initialize the session if a request is authenticated directly + // // unless there is a session cookie already sent along + // return; + // } if ($request->getServerProtocol() === 'https') { ini_set('session.cookie_secure', 'true'); |