Merge pull request #37306 from nextcloud/bugfix/37277/caldav-sync

fix(session): Fix DAVx5 sync problems by partial reverting session changes

1 files changed, 11 insertions, 7 deletions

diff --git a/lib/base.php b/lib/base.php
index be931e70d55..57aad21ecd7 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -411,13 +411,17 @@ class OC {
 
 	public static function initSession(): void {
 		$request = Server::get(IRequest::class);
-		$isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
-		if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
-			setcookie('cookie_test', 'test', time() + 3600);
-			// Do not initialize the session if a request is authenticated directly
-			// unless there is a session cookie already sent along
-			return;
-		}
+
+		// TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies
+		// TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments
+		// TODO: for further information.
+		// $isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
+		// if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
+		// setcookie('cookie_test', 'test', time() + 3600);
+		// // Do not initialize the session if a request is authenticated directly
+		// // unless there is a session cookie already sent along
+		// return;
+		// }
 
 		if ($request->getServerProtocol() === 'https') {
 			ini_set('session.cookie_secure', 'true');