From cfd7a571849ece0572b6e801cf0f21666e519ddb Mon Sep 17 00:00:00 2001
From: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Date: Sat, 25 Mar 2023 23:58:14 +0100
Subject: [PATCH] Send header to all browsers under HTTPS

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Don't send Clear-Site-Data to Safari

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Fix lint

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
---
 core/Controller/LoginController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index d3873d1329e..2ddba2bb98a 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -34,7 +34,6 @@ declare(strict_types=1);
  */
 namespace OC\Core\Controller;
 
-use OC\AppFramework\Http\Request;
 use OC\Authentication\Login\Chain;
 use OC\Authentication\Login\LoginData;
 use OC\Authentication\WebAuthn\Manager as WebAuthnManager;
@@ -125,7 +124,8 @@ class LoginController extends Controller {
 		$this->session->set('clearingExecutionContexts', '1');
 		$this->session->close();
 
-		if (!$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])) {
+		if ($this->request->getServerProtocol() === 'https') {
+			// This feature is available only in secure contexts
 			$response->addHeader('Clear-Site-Data', '"cache", "storage"');
 		}