upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-26 00:27:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 30
nextcloud/core/Controller
History
Christoph Wurst b9baa624bc
Fix login loop if login CSRF fails and user is not logged in 
If CSRF fails but the user is logged in that they probably logged in in
another tab. This is fine. We can just redirect.
If CSRF fails and the user is also not logged in then something is
fishy. E.g. because Nextcloud contantly regenrates the session and the
CSRF token and the user is stuck in an endless login loop.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-02-16 09:42:11 +01:00
..
AppPasswordController.php Update php licenses 2021-06-04 22:02:41 +02:00
AutoCompleteController.php Update php licenses 2021-06-04 22:02:41 +02:00
AvatarController.php Fix caching of the user avatar 2022-03-02 18:42:03 +01:00
ClientFlowLoginController.php Show user account on grant loginflow step 2022-05-16 10:17:11 +00:00
ClientFlowLoginV2Controller.php Show user account on grant loginflow step 2022-05-16 10:17:11 +00:00
CollaborationResourcesController.php Update php licenses 2021-06-04 22:02:41 +02:00
ContactsMenuController.php Update php licenses 2021-06-04 22:02:41 +02:00
CSRFTokenController.php Update php licenses 2021-06-04 22:02:41 +02:00
CssController.php Update php licenses 2021-06-04 22:02:41 +02:00
GuestAvatarController.php Update php licenses 2021-06-04 22:02:41 +02:00
HoverCardController.php Add an OCS endpoint for the hovercard contact actions 2021-10-20 10:22:40 +02:00
JsController.php Update php licenses 2021-06-04 22:02:41 +02:00
LoginController.php Fix login loop if login CSRF fails and user is not logged in 2023-02-16 09:42:11 +01:00
LostController.php Add bruteforce protection to password reset page 2023-02-07 07:46:12 +01:00
NavigationController.php Update php licenses 2021-06-04 22:02:41 +02:00
OCJSController.php Explicitly allow some routes without 2FA 2021-11-18 13:03:39 +01:00
OCSController.php Update php licenses 2021-06-04 22:02:41 +02:00
PreviewController.php Improve caching policy 2022-02-18 14:28:24 +01:00
ProfileApiController.php Profile backend 2021-10-19 04:59:35 +00:00
ProfilePageController.php Improve handling of profile page 2022-08-22 23:43:19 +00:00
RecommendedAppsController.php Remove usage of \OC_Util::getDefaultPageUrl() and \OC_Util::redirectToDefaultPage() 2021-08-04 19:02:57 +02:00
SearchController.php Update php licenses 2021-06-04 22:02:41 +02:00
SetupController.php Improve installation pages 2022-01-19 00:42:55 +00:00
SvgController.php Fix codestyle 2021-09-06 10:53:01 +00:00
TwoFactorChallengeController.php Merge pull request #27733 from PhrozenByte/enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-10-05 13:06:59 +02:00
UnifiedSearchController.php Use IURLGenerator function to get value of \OC::$WEBROOT global 2021-08-16 10:56:47 +02:00
UserController.php Update php licenses 2021-06-04 22:02:41 +02:00
WalledGardenController.php Update php licenses 2021-06-04 22:02:41 +02:00
WebAuthnController.php Update php licenses 2021-06-04 22:02:41 +02:00
WellKnownController.php Update php licenses 2021-06-04 22:02:41 +02:00
WhatsNewController.php Use product name in places where it is appropriate rather than the instance name 2021-06-16 11:42:53 +02:00
WipeController.php Update php licenses 2021-06-04 22:02:41 +02:00