upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-21 08:51:45 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
nextcloud/core
History
Christoph Wurst f22101d421
Fix login loop if login CSRF fails and user is not logged in 
If CSRF fails but the user is logged in that they probably logged in in
another tab. This is fine. We can just redirect.
If CSRF fails and the user is also not logged in then something is
fishy. E.g. because Nextcloud contantly regenrates the session and the
CSRF token and the user is stuck in an endless login loop.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-01-18 09:39:17 +01:00
..
ajax Flag repair errors as error level in eventSource->send 2022-08-25 18:32:20 +02:00
BackgroundJobs also use updatedir for cleanup of backups 2022-10-01 17:01:28 +02:00
Command Fix API breakage by using a new method instead 2023-01-12 17:18:59 +01:00
Controller Fix login loop if login CSRF fails and user is not logged in 2023-01-18 09:39:17 +01:00
css Fix failed revert for #35071 2023-01-17 14:21:11 +01:00
Data Update php licenses 2021-06-04 22:02:41 +02:00
Db Profile backend 2021-10-19 04:59:35 +00:00
doc
Events Add password reset typed events 2022-06-10 16:41:41 +02:00
Exception Update php licenses 2021-06-04 22:02:41 +02:00
fonts Include additional scripts in Noto fonts 2021-03-01 19:15:01 +01:00
img fix(ui): Fix and optimize more SVGs 2023-01-05 11:01:14 +01:00
js Focus trap contacts menu with NcHeaderMenu port 2023-01-13 23:19:28 +00:00
l10n Fix(l10n): 🔠 Update translations from Transifex 2023-01-18 02:25:23 +00:00
Listener Only check unsupported browsers on user rendering 2022-10-28 12:23:02 +02:00
Middleware Enable strict types for the 2FA middleware 2021-12-16 13:58:25 +01:00
Migrations PublickKeyTokenProvider: Fix password update routine with password hash 2023-01-04 08:30:53 +01:00
Notification update notifications for one-click instances 2022-10-24 18:28:00 +02:00
Service Update core to PHP 7.4 standard 2022-05-20 22:18:06 +02:00
skeleton
src Focus trap contacts menu with NcHeaderMenu port 2023-01-13 23:19:28 +00:00
templates Revert "Add alt to the logo, adapt css for logo" 2023-01-17 14:19:23 +01:00
vendor Remove jstz usage from server 2023-01-04 17:40:40 +00:00
.l10nignore Add core/js/dist/ to l10nignore 2019-06-13 13:55:22 +02:00
Application.php Only check unsupported browsers on user rendering 2022-10-28 12:23:02 +02:00
register_command.php move share owner repair to occ command 2022-11-08 17:13:33 +01:00
routes.php Use proper error pages instead of always redirecting 2022-10-21 15:12:21 +02:00
shipped.json set theming app to alwaysEnabled 2022-10-17 17:51:39 +02:00
strings.php core: add more strict_types 2021-04-26 12:44:37 +02:00