diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2018-05-28 10:05:53 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-05-28 10:05:53 +0300 |
| commit | 5536d1718135c5a92856e27690f09c317953389e (patch) | |
| tree | fed4ae5a55d61a8aa4f85efd83c92dee0013e484 /apps | |
| parent | 5a20bb69808a4e5546e0513f7c6ada22b7c086a5 (diff) | |
| parent | 5eb6d7bc05993308fb8a1a88d95bcb08dc450d43 (diff) | |
Merge pull request #9619 from nextcloud/backport/9515/stable13
[stable13] Regenerate session id after public share auth
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/files_sharing/lib/Controller/ShareController.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php index 3669d8fda46..f8749526900 100644 --- a/apps/files_sharing/lib/Controller/ShareController.php +++ b/apps/files_sharing/lib/Controller/ShareController.php @@ -204,6 +204,7 @@ class ShareController extends Controller { private function linkShareAuth(\OCP\Share\IShare $share, $password = null) { if ($password !== null) { if ($this->shareManager->checkPassword($share, $password)) { + $this->session->regenerateId(); $this->session->set('public_link_authenticated', (string)$share->getId()); } else { $this->emitAccessShareHook($share, 403, 'Wrong password'); |