-rw-r--r--core/Controller/LoginController.php4
-rw-r--r--tests/Core/Controller/LoginControllerTest.php29
2 files changed, 27 insertions, 6 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index db3e8a64d64..fe2a16ec4d3 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -35,6 +35,7 @@ declare(strict_types=1);
*/
namespace OC\Core\Controller;
+use OC\AppFramework\Http\Request;
use OC\Authentication\Login\Chain;
use OC\Authentication\Login\LoginData;
use OC\Authentication\WebAuthn\Manager as WebAuthnManager;
@@ -105,8 +106,7 @@ class LoginController extends Controller {
$this->session->set('clearingExecutionContexts', '1');
$this->session->close();
- if ($this->request->getServerProtocol() === 'https') {
- // This feature is available only in secure contexts
+ if (!$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])) {
$response->addHeader('Clear-Site-Data', '"cache", "storage"');
}
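Review bot: The rewritten condition around `addHeader('Clear-Site-Data', ...)` drops the explanatory comment and gives no reason why Chrome and Android Chrome are excluded. The security-relevant effect is that a logout from those browsers now leaves the HTTP cache and site storage in place, which matters on shared or kiosk machines where the next person using the same browser profile can reach that data. Add a comment that states the reason and the trade-off, for example `// Not sent to Chrome because of <issue reference>; cache and storage survive logout there`. The header is also emitted over plain HTTP now, where it is only a no-op because browsers honour it in secure contexts only, so the old `getServerProtocol() === 'https'` test could be kept alongside the user-agent test if the intent is unchanged. The enclosing logout method starts and ends outside this hunk.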
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index 7d82e256c17..b427972e1ad 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -143,8 +143,9 @@ class LoginControllerTest extends TestCase {
->with('nc_token')
->willReturn(null);
$this->request
- ->method('getServerProtocol')
- ->willReturn('https');
+ ->expects($this->once())
+ ->method('isUserAgent')
+ ->willReturn(false);
$this->config
->expects($this->never())
->method('deleteUserValue');
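Review bot: The `isUserAgent` mock is stubbed without `->with(...)`, so the test passes whatever list of user agents the controller hands over; the same holds for the new `testLogoutNoClearSiteData` and for the `testLogoutWithToken` hunk further down. Since that list decides which browsers keep cache and storage after logout, pin it with `->with([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])`. This presumably needs `use OC\AppFramework\Http\Request;` in the test file if it is not already imported there. The test method this hunk belongs to starts outside the hunk.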
@@ -159,6 +160,26 @@ class LoginControllerTest extends TestCase {
$this->assertEquals($expected, $this->loginController->logout());
}
+ public function testLogoutNoClearSiteData() {
+ $this->request
+ ->expects($this->once())
+ ->method('getCookie')
+ ->with('nc_token')
+ ->willReturn(null);
+ $this->request
+ ->expects($this->once())
+ ->method('isUserAgent')
+ ->willReturn(true);
+ $this->urlGenerator
+ ->expects($this->once())
+ ->method('linkToRouteAbsolute')
+ ->with('core.login.showLoginForm')
+ ->willReturn('/login');
+
+ $expected = new RedirectResponse('/login');
+ $this->assertEquals($expected, $this->loginController->logout());
+ }
+
public function testLogoutWithToken() {
$this->request
->expects($this->once())
@@ -167,8 +188,8 @@ class LoginControllerTest extends TestCase {
->willReturn('MyLoginToken');
$this->request
->expects($this->once())
- ->method('getServerProtocol')
- ->willReturn('https');
+ ->method('isUserAgent')
+ ->willReturn(false);
$user = $this->createMock(IUser::class);
$user
->expects($this->once())