diff options
Diffstat (limited to 'lib/base.php')
| -rw-r--r-- | lib/base.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/lib/base.php b/lib/base.php index 25f978df836..a54d2c4b7ec 100644 --- a/lib/base.php +++ b/lib/base.php @@ -362,13 +362,6 @@ class OC { public static function initSession(): void { $request = Server::get(IRequest::class); - // Do not initialize sessions for 'status.php' requests - // Monitoring endpoints can quickly flood session handlers - // and 'status.php' doesn't require sessions anyway - if (str_ends_with($request->getScriptName(), '/status.php')) { - return; - } - // TODO: Temporary disabled again to solve issues with CalDAV/CardDAV clients like DAVx5 that use cookies // TODO: See https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147 and the other comments // TODO: for further information. @@ -387,6 +380,13 @@ class OC { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', 'true'); + // Do not initialize sessions for 'status.php' requests + // Monitoring endpoints can quickly flood session handlers + // and 'status.php' doesn't require sessions anyway + if (str_ends_with($request->getScriptName(), '/status.php')) { + return; + } + // set the cookie path to the Nextcloud directory $cookie_path = OC::$WEBROOT ? : '/'; ini_set('session.cookie_path', $cookie_path); |