diff options
| author | John Molakvoæ <skjnldsv@users.noreply.github.com> | 2024-07-27 16:27:52 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-27 16:27:52 +0200 |
| commit | 0ae83d6183b5113b9e9116f13a0eb3ebe19bc44d (patch) | |
| tree | 73b959034ffa228ad5547ae6b3b88e4c7b950a31 /lib | |
| parent | 0f953c5cbdfff0a472eca07301d2c5a9966676e9 (diff) | |
| parent | 9d1705259c832fdfde48a04dcf538d1ecb7c7007 (diff) | |
| download | nextcloud-server-0ae83d6183b5113b9e9116f13a0eb3ebe19bc44d.tar.gz nextcloud-server-0ae83d6183b5113b9e9116f13a0eb3ebe19bc44d.zip | |
Merge pull request #46760 from nextcloud/fix/appframework/csrf-custom-header
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 0bd430545d4..f790dae226c 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -426,6 +426,10 @@ class Request implements \ArrayAccess, \Countable, IRequest { return false; } + if ($this->getHeader('OCS-APIRequest') !== '') { + return true; + } + if (isset($this->items['get']['requesttoken'])) { $token = $this->items['get']['requesttoken']; } elseif (isset($this->items['post']['requesttoken'])) { |