Merge pull request #9618 from nextcloud/backport/9515/stable12
[stable12] Regenerate session id after public share auth
This commit is contained in:
commit
7a121f81b5
|
@ -201,6 +201,7 @@ class ShareController extends Controller {
|
|||
private function linkShareAuth(\OCP\Share\IShare $share, $password = null) {
|
||||
if ($password !== null) {
|
||||
if ($this->shareManager->checkPassword($share, $password)) {
|
||||
$this->session->regenerateId();
|
||||
$this->session->set('public_link_authenticated', (string)$share->getId());
|
||||
} else {
|
||||
$this->emitAccessShareHook($share, 403, 'Wrong password');
|
||||
|
|
Loading…
Reference in New Issue