Skip to content

Commit

Permalink
Merge pull request #46212 from nextcloud/backport/46184/stable29
Browse files Browse the repository at this point in the history 
[stable29] fix: Authorization header can be an empty string
  • Loading branch information
@nickvergessen
nickvergessen authored Jul 4, 2024
2 parents f45ae8c + 583caa8 commit adaf85a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion apps/dav/lib/Connector/Sabre/Auth.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ private function auth(RequestInterface $request, ResponseInterface $response): a
//Fix for broken webdav clients
($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
//Well behaved clients that only send the cookie are allowed
($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null) ||
($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && empty($request->getHeader('Authorization'))) ||
\OC_User::handleApacheAuth()
) {
$user = $this->userSession->getUser()->getUID();
Expand Down

0 comments on commit adaf85a

Please sign in to comment.