sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Show login again instead of JSON if CSRF check fails 

Previously a JSON error page was shown to the user in-case the CSRF token was not valid. This was confusing and prevented people from login.

With this at least the login page is shown again and not a JSON error message. I consider this as sufficient since adding a new error page just for this sake would uneededly make lib/base.php even more cluttered and this is a edge-case which optimally should anyways not happen that often.

This can be tested by opening the login page, then clearing the cookies, and trying to login.
remotes/origin/fix-10825
Lukas Reschke 2014-09-22 15:36:39 +07:00
parent 1e915cc145
commit 4893d2c0ed
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/base.php
Unescape Escape View File

@ -921,7 +921,9 @@ class OC {
return false;
}
OC_JSON::callCheck();
if(!OC_Util::isCallRegistered()) {
return false;
}
OC_App::loadApps();
//setup extra user backends