Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oc_token should be nc_token #3362

Merged
merged 1 commit into from
Feb 9, 2017
Merged

oc_token should be nc_token #3362

merged 1 commit into from
Feb 9, 2017

Conversation

ChristophWurst
Copy link
Member

@ChristophWurst ChristophWurst commented Feb 2, 2017
edited
Loading

I noticed this inconsistency when I took a look at #3361.

The cookie is set here:

server/lib/private/User/Session.php

Line 795 in a3f8358

setcookie('nc_token', $token, $expires, $webRoot, '', $secureCookie, true);

@LukasReschke as discussed 😉

@ChristophWurst
oc_token should be nc_token
5e728d0 
Signed-off-by: Christoph Wurst <[email protected]>
@ChristophWurst ChristophWurst added 2. developing Work in progress bug labels Feb 2, 2017
@ChristophWurst ChristophWurst added this to the Nextcloud 12.0 milestone Feb 2, 2017
@mention-bot
Copy link

@ChristophWurst, thanks for your PR! By analyzing the history of the files in this pull request, we identified @nickvergessen, @LukasReschke and @tanghus to be potential reviewers.

@nickvergessen
Copy link
Member

Any noticable impact?

@ChristophWurst
Copy link
Member Author

Any noticable impact?

Dunno, but I hope @LukasReschke does 😉

@ChristophWurst ChristophWurst added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Feb 6, 2017
LukasReschke
LukasReschke approved these changes Feb 6, 2017
View reviewed changes
core/Controller/LoginController.php
@@ -98,7 +98,7 @@ function __construct($appName,
* @return RedirectResponse
*/
public function logout() {
$loginToken = $this->request->getCookie('oc_token');
$loginToken = $this->request->getCookie('nc_token');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please prepare backport of this single change also to all older versions where you changed the cookie name.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

okidoke 👷

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Backport in #3511

Only nc11 is affected: #1347 was not backported

@LukasReschke
Copy link
Member

LukasReschke commented Feb 6, 2017
edited
Loading

Any noticable impact?

Nothing too horrible:

  • Same-Site cookies not triggered on login via remember me. But after the login they are (because of session_name).
  • Remember me token isn't deleted if someone presses logout.

The second one should be backported. The first one I'd avoid. @ChristophWurst can you take care of that? THX.

MorrisJobke
MorrisJobke approved these changes Feb 7, 2017
View reviewed changes
Copy link
Member

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and works fine 👍

@nickvergessen nickvergessen merged commit ac841ee into master Feb 9, 2017
@nickvergessen nickvergessen deleted the fix/nc-token-cookie-name branch February 9, 2017 09:08
@ChristophWurst ChristophWurst mentioned this pull request Feb 16, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@LukasReschke LukasReschke LukasReschke approved these changes

Assignees
No one assigned
Labels
3. to review Waiting for reviews bug
Projects
None yet
Milestone
Nextcloud 12.0
Development

Successfully merging this pull request may close these issues.
5 participants
@ChristophWurst @mention-bot @nickvergessen @LukasReschke @MorrisJobke