diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2017-09-27 09:28:09 +0300 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2017-09-27 09:28:09 +0300 |
| commit | 95cc831ed72285a7190dce40ea9927975124b005 (patch) | |
| tree | ca278ccbc549700bbdb22da711daf03d9b449567 /lib/base.php | |
| parent | 271959b1d97b30388ac55efa94b6d5d1e28fa22d (diff) | |
Remove SAML hack from base.php
This is no longer required now that
https://github.com/nextcloud/user_saml/pull/159 is in
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/base.php')
| -rw-r--r-- | lib/base.php | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/lib/base.php b/lib/base.php index 76069303a52..c76d83cd220 100644 --- a/lib/base.php +++ b/lib/base.php @@ -543,22 +543,7 @@ class OC { $requestUri = $request->getScriptName(); $processingScript = explode('/', $requestUri); $processingScript = $processingScript[count($processingScript)-1]; - // FIXME: In a SAML scenario we don't get any strict or lax cookie - // send for the ACS endpoint. Since we have some legacy code in Nextcloud - // (direct PHP files) the enforcement of lax cookies is performed here - // instead of the middleware. - // - // This means we cannot exclude some routes from the cookie validation, - // which normally is not a problem but is a little bit cumbersome for - // this use-case. - // Once the old legacy PHP endpoints have been removed we can move - // the verification into a middleware and also adds some exemptions. - // - // Questions about this code? Ask Lukas ;-) - $currentUrl = substr(explode('?',$request->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT)); - if($currentUrl === '/index.php/apps/user_saml/saml/acs' || $currentUrl === '/apps/user_saml/saml/acs') { - return; - } + // index.php routes are handled in the middleware if($processingScript === 'index.php') { return; |