summaryrefslogtreecommitdiffstats
path: root/lib/private/legacy/eventsource.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/legacy/eventsource.php')
-rw-r--r--lib/private/legacy/eventsource.php4
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/private/legacy/eventsource.php b/lib/private/legacy/eventsource.php
index 51040e7be7d..70e9847d237 100644
--- a/lib/private/legacy/eventsource.php
+++ b/lib/private/legacy/eventsource.php
@@ -76,6 +76,10 @@ class OC_EventSource implements \OCP\IEventSource {
} else {
header("Content-Type: text/event-stream");
}
+ if(!\OC::$server->getRequest()->passesStrictCookieCheck()) {
+ header('Location: '.\OC::$WEBROOT);
+ exit();
+ }
if (!(\OC::$server->getRequest()->passesCSRFCheck())) {
$this->send('error', 'Possible CSRF attack. Connection will be closed.');
$this->close();
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-11 14:02:00 +0000