mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Extend Same Site cookie user_saml exemption rule 

The current check does not trigger if $request->getRequestUri() does not return index.php as a prefix
(on my config this was occuring using nginx to serve Nextcloud)

Signed-off-by: Vincent Vanackere <vincent.vanackere@trustelem.com>
This commit is contained in:
Vincent Vanackere 2017-03-07 16:22:57 +01:00
parent a5a872c9d7
commit be36513819
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/base.php
View File

@ -528,7 +528,7 @@ class OC {
//
// Questions about this code? Ask Lukas ;-)
$currentUrl = substr(explode('?',$request->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT));
if($currentUrl === '/index.php/apps/user_saml/saml/acs') {
if($currentUrl === '/index.php/apps/user_saml/saml/acs' || $currentUrl === '/apps/user_saml/saml/acs') {
return;
}
// For the "index.php" endpoint only a lax cookie is required.