summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2016-08-01 08:52:50 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2016-08-01 08:52:50 +0200
commit5c718b13b8c68fc89661edbdbd40822bb55f544a (patch)
tree045d16ab15a1fbfd76f54d2c1e2ede69b91e24b8 /lib
parent50c8367041152ddd574ea283f0a9f08c192a646a (diff)
downloadnextcloud-server-5c718b13b8c68fc89661edbdbd40822bb55f544a.tar.gz
nextcloud-server-5c718b13b8c68fc89661edbdbd40822bb55f544a.zip
We should properly check for 'true' instaed of the bool
Diffstat (limited to 'lib')
-rw-r--r--lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
index 08af42b5216..3bfef2df025 100644
--- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
@@ -153,7 +153,7 @@ class SecurityMiddleware extends Middleware {
*/
if(!$this->request->passesCSRFCheck() && !(
$controller instanceof OCSController &&
- $this->request->getHeader('OCS_APIREQUEST') === true)) {
+ $this->request->getHeader('OCS-APIREQUEST') === 'true')) {
throw new CrossSiteRequestForgeryException();
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-05 20:51:02 +0000