X Tutup
Skip to content

check request token on cookie authenticated request#38019

Merged
C0rby merged 1 commit intomasterfrom
fix-request-token-check
Nov 12, 2020
Merged

check request token on cookie authenticated request#38019
C0rby merged 1 commit intomasterfrom
fix-request-token-check

Conversation

@C0rby
Copy link
Contributor

@C0rby C0rby commented Oct 19, 2020
edited
Loading

Description

Check the request token on cookie authorized requests.

Motivation and Context

Since the OCS_APIREQUEST header was removed we needed another way to restrict cookie authenticated requests.

How Has This Been Tested?

  • manual smoke testing of the web and android app

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@C0rby C0rby self-assigned this Oct 19, 2020
@C0rby C0rby force-pushed the fix-request-token-check branch 2 times, most recently from 51bf89a to e63bcf3 Compare November 11, 2020 16:34
@C0rby
Copy link
Contributor Author

C0rby commented Nov 11, 2020

Wtf was that condition before?
I must have been tired or something...

@C0rby
Copy link
Contributor Author

C0rby commented Nov 11, 2020

Oh this looks promising. Restarting the tests because there was a network timeout

@C0rby C0rby marked this pull request as ready for review November 11, 2020 18:51
@C0rby
Copy link
Contributor Author

C0rby commented Nov 12, 2020

Did some manual smoke testing with the android app and the browser. Nothing seems to be broken there.

@phil-davis
Copy link
Contributor

phil-davis commented Nov 12, 2020

Changelog? Ready for review?

@C0rby
Copy link
Contributor Author

C0rby commented Nov 12, 2020

Yeah, I forgot the changelog. Will add it now.

@C0rby C0rby force-pushed the fix-request-token-check branch from e63bcf3 to 3b4027f Compare November 12, 2020 10:29
@C0rby C0rby requested a review from IljaN November 12, 2020 10:30
@owncloud owncloud deleted a comment from update-docs bot Nov 12, 2020
@C0rby C0rby requested a review from DeepDiver1975 November 12, 2020 10:32
@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 12, 2020

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

IljaN
IljaN approved these changes Nov 12, 2020
View reviewed changes
Copy link
Contributor

@IljaN IljaN left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did a quick smoke-test by sharing and creating public links from the desktop ✔️

LGTM 🍻

@C0rby C0rby merged commit dd37c24 into master Nov 12, 2020
@delete-merged-branch delete-merged-branch bot deleted the fix-request-token-check branch November 12, 2020 13:06
@C0rby C0rby mentioned this pull request Nov 18, 2020
Merged
17 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DeepDiver1975 DeepDiver1975 Awaiting requested review from DeepDiver1975

2 more reviewers

@IljaN IljaN IljaN approved these changes

@micbar micbar micbar approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@C0rby C0rby

Labels

3 - To Review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@C0rby @phil-davis @IljaN @micbar
X Tutup