Skip to content

GitLab

Explore

Sign in

Primary navigation

Project

Nextcloud
- Activity
- Members
- Labels
- Service Desk
- Model experiments

Snippets Groups Projects

da81b71f

Unverified Commit da81b71f authored 5 years ago by Roeland Jago Douma

Downloads
- Patches
- Plain Diff

Only allow requesting new CSRF tokens if it passes the SameSite Cookie test


Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

parent 7976cb7e

No related branches found

No related tags found

Loading

Changes 2

Hide whitespace changes

Inline Side-by-side

Showing

core/Controller/CSRFTokenController.php 5 additions, 0 deletions

core/Controller/CSRFTokenController.php
tests/Core/Controller/CSRFTokenControllerTest.php 12 additions, 1 deletion

tests/Core/Controller/CSRFTokenControllerTest.php

with 17 additions and 1 deletion

Loading

0% Loading or .

You are about to add 0 people to the discussion. Proceed with caution.

Finish editing this message first!

Please register or sign in to comment