Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Browse Source

Fix SAML Client login flow on Apple devices

Because the redirect from the SAML/SSO endpoint is a POST the lax/strict
cookies are not properly send.

Note that it is not strictly requried on this endpoint as we do not need
the remember me data. Only the real session info is enough. The endpoint
is also already protected by a state token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma 5 years ago
parent
c4a9bd11b9
commit
763b52d402
1 changed files with 1 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      core/Controller/ClientFlowLoginController.php

+ 1 - 0
core/Controller/ClientFlowLoginController.php
View File 

@@ -207,6 +207,7 @@ class ClientFlowLoginController extends Controller {
 
 	/**
 
 	 * @NoAdminRequired
 
 	 * @NoCSRFRequired
 
+	 * @NoSameSiteCookieRequired
 
 	 * @UseSession
 
 	 *
 
 	 * @param string $stateToken