0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-03-14 16:33:21 +00:00
Commit graph

32 commits

Author SHA1 Message Date
Maxence Lange
9100b8757e fix(setup): ignore long session login during installation
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2024-08-27 12:29:42 -01:00
Christoph Wurst
2b38d6ae7e
fix(session): Log when session_* calls are slow
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-08-07 09:02:10 +02:00
Julius Härtl
38bee2c014 perf: Set session.cache_limiter at runtime to avoid clients caching static assets served by PHP
By default there is a Pragma: no-cache header set due to the default
value `no-cache` of session.cache-limiter, which will cause Chrome and
iOS to not cache even with a different Cache-Control header set on the
response.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-07-08 22:30:27 +02:00
Andy Scherzinger
dae7c159f7
chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +02:00
Joas Schilling
7c6934dea9
fix(typo): Fix typo in docs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-03-25 14:55:52 +01:00
Côme Chilliet
eee9f1eec4 Always catch OCP versions of authentication exceptions
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +01:00
Christoph Wurst
14719110b9 chore: Replace \OC::$server->query with \OCP\Server::get in /lib
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-07-06 15:21:22 +02:00
Christoph Wurst
872c181c74
chore: Drop dead private methods in /lib
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-06-06 11:01:58 +02:00
Claus-Justus Heine
45ec432492 Don't call session_start() when PHP session is still or already open.
Signed-off-by: Claus-Justus Heine <himself@claus-justus-heine.de>
2023-04-17 16:23:02 +02:00
Julius Härtl
9e1d431255
Add config option to disable strict session timeout to be able to use read_and_close
Fixed https://github.com/nextcloud/server/issues/29356

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-17 12:10:27 +02:00
Julius Härtl
9b4b72826a
Reopen sessions if we need to write to them instead of keeping them open
Sessions are a locking operation until we write close them, so close
them early and reopen later in case we want to write to them

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-17 12:10:26 +02:00
luz paz
368f83095d Fix typos in lib/private subdirectory
Found via `codespell -q 3 -S l10n -L jus ./lib/private`

Signed-off-by: luz paz <luzpaz@github.com>
2022-07-27 08:52:17 -04:00
Julius Härtl
c1ea6a899c
Only trap E_ERROR in session handling
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-08-17 10:47:25 +02:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +02:00
Christoph Wurst
7e2c3a820e
Remove the cookie paths for php<7.3
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-11-06 15:57:17 +01:00
Roeland Jago Douma
8daaf33e3d
Silence duplicate session warnings
Fixes 

Basically restroring the old behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-14 05:23:11 +02:00
Christoph Wurst
caff1023ea
Format control structures, classes, methods and function
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +02:00
Christoph Wurst
74936c49ea
Remove unused imports
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:08:08 +01:00
Roeland Jago Douma
2016e57eab
Only send samesite cookies
This makes the last remaining two cookies lax. The session cookie
itself. And the session password as well (on php 7.3 that is). Samesite
cookies are the best cookies!

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-06 15:24:35 +01:00
Christoph Wurst
5bf3d1bb38
Update license headers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +01:00
MartB
fe21b10de5 replace setcookie value with '' instead of null.
The php documentation states that an empty string should be used for a cookie when it has no real value.
null leads to the following error: expects parameter 2 to be string, null given

Signed-off-by: Martin Böh <mart.b@outlook.de>
2018-09-06 20:34:16 +02:00
Roeland Jago Douma
8c47a632e0
Allow updating the token on session regeneration
Sometimes when we force a session regeneration we want to update the
current token for this session.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-14 08:09:36 +02:00
Roeland Jago Douma
8cb6bb3987
Make ISession strict
* Make all implementations strict
* Add scalar types

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-26 22:20:21 +01:00
Morris Jobke
0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Arthur Schiwon
d1a8269de3
Forward port of to master
Treat PHP Errors on User session regenerate

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

remove unnecessary lines…

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

change PHP errors to ErrorException in the session (PHP >=7)

Otherwise it might be that authentication apps are being disabled on
during operation while in fact the session handler has hiccup.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-15 11:20:49 +02:00
Victor Dubiniuk
131df248ef
Catch session already closed exception in destructor 2017-04-25 16:28:52 +02:00
Joas Schilling
0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling
ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Lukas Reschke
aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Christoph Wurst
e93bf80b29
throw SessionNotAvailableException if session_id returns empty string 2016-04-26 14:51:21 +02:00
Christoph Wurst
0d53e86421
add ISession::getId() wrapper for session_id 2016-04-25 10:36:24 +02:00
Roeland Jago Douma
e2c36c2903
Move \OC\Session to PSR-4 2016-04-15 07:46:19 +02:00
Renamed from lib/private/session/internal.php (Browse further)