archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: Make sure to reopen session before cleaning

Browse Source 
Otherwise restoring the requesttoken would reopen and read the existing
session data and restore it instead of clearing

Signed-off-by: Julius Härtl <jus@bitgrid.net>
pull/35723/head
Julius Härtl 1 year ago
parent 8d1142cfb9
commit a6761d76ea
No known key found for this signature in database
GPG Key ID: 4C614C6ED2CDE6DF
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File

4
lib/private/Session/CryptoSessionData.php
Unescape Escape View File

@ -152,6 +152,7 @@ class CryptoSessionData implements \ArrayAccess, ISession {
* Reset and recreate the session
*/
public function clear() {
$reopened = $this->reopen();
$requesttoken = $this->get('requesttoken');
$this->sessionValues = [];
if ($requesttoken !== null) {
@ -159,6 +160,9 @@ class CryptoSessionData implements \ArrayAccess, ISession {
}
$this->isModified = true;
$this->session->clear();
if ($reopened) {
$this->close();
}
}
public function reopen(): bool {

Write Preview
Loading…
Cancel
Save