-
-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clears the local storage after logout #10874
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Clearing all local storage will cause the setting videoDisabled from the talk app to be removed. I think we should not clear all data if we cannot be sure that it is restored during the login again.
@juliushaertl We want to use local storage in Calendar and Contacts, to speed up loading when you open the page, but obviously, you don't want your events and contacts to remain in local storage once you logged out. Maybe |
Nevermind. Of course settings should be persisted in the user config.
Side note: there's also session storage. For one, this can be used in apps for data that must not remain forever but we also might want to clear that on logout. |
7bfc5a9
to
ccaa812
Compare
@ChristophWurst jep - I added cleanup of the SessionStorage. |
From a security point of view I'd want
Currently that would means to just always clear it when the login page is loaded. As this is where you are also redirected when your session expired etc. Of course settings should be stored in the DB as well ;) to obtain them if the local storage is empty etc. |
@weeman1337 I guess this is nothing that will be ready and merged until late Wednesday? Then we would need to move this to 16. |
Let's move it to 16. |
Hey @weeman1337 :) Could you rebase onto latest master? Than we can integrate this into Nextcloud 16 ✌️ |
Signed-off-by: Michael Weimann <[email protected]>
ccaa812
to
e083e8a
Compare
Done |
Unrelated |
It seems to me that the clearing of local storage has broken the JSXC chat app which no longer autologs in chat user for NC16. |
The logout controller adds a param to the redirect url. Then the login code checks if it's there and clears the local storage. I also added a note this can be taken out again if the browsers support
Clear-Site-Data
properly.closes #10859