open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(security): Log failing strict cookie check

Browse Source 
The error is silent otherwise and makes it very hard to debug on a
production system.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
pull/37305/head
Christoph Wurst 3 years ago
parent 8f59ff880f
commit 0e6fccf9e1
No known key found for this signature in database
GPG Key ID: CC42AC2A7F0E56D8
1 changed files with 1 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      lib/base.php

1
lib/base.php
Unescape View File

@ -561,6 +561,7 @@ class OC {
// All other endpoints require the lax and the strict cookie
if (!$request->passesStrictCookieCheck()) {
logger('core')->warning('Request does not pass strict cookie check');
self::sendSameSiteCookies();
// Debug mode gets access to the resources without strict cookie
// due to the fact that the SabreDAV browser also lives there.

Write Preview
Loading…
Cancel
Save