Skip to content

Commit

Permalink
fix(neon_http_client): Intercept all DAV requests in CSRFInterceptor
Browse files Browse the repository at this point in the history 
Signed-off-by: provokateurin <[email protected]>
  • Loading branch information
@provokateurin
provokateurin committed Oct 9, 2024
1 parent b7a16d0 commit d7f1028
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions packages/neon_framework/packages/neon_http_client/lib/src/interceptors/csrf_interceptor.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ import 'package:interceptor_http_client/interceptor_http_client.dart';
import 'package:logging/logging.dart';
import 'package:meta/meta.dart';
import 'package:nextcloud/core.dart' as core;
import 'package:nextcloud/webdav.dart' as webdav;

/// A HttpInterceptor that works around a Nextcloud CSRF bug when cookies are sent.
///
Expand Down Expand Up @@ -43,7 +42,7 @@ final class CSRFInterceptor implements HttpInterceptor {

@override
bool shouldInterceptRequest(http.BaseRequest request) {
if (request.url.host != _baseURL.host || !request.url.path.startsWith('${_baseURL.path}${webdav.webdavBase}')) {
if (request.url.host != _baseURL.host || !request.url.path.startsWith('${_baseURL.path}/remote.php/')) {
return false;
}

Expand Down

0 comments on commit d7f1028

Please sign in to comment.