From d7f102846c326863b2ea534c8e34bc88c56967bc Mon Sep 17 00:00:00 2001 From: provokateurin Date: Wed, 9 Oct 2024 10:15:42 +0200 Subject: [PATCH] fix(neon_http_client): Intercept all DAV requests in CSRFInterceptor Signed-off-by: provokateurin --- .../lib/src/interceptors/csrf_interceptor.dart | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/neon_framework/packages/neon_http_client/lib/src/interceptors/csrf_interceptor.dart b/packages/neon_framework/packages/neon_http_client/lib/src/interceptors/csrf_interceptor.dart index e65d7203879..48b3dd18831 100644 --- a/packages/neon_framework/packages/neon_http_client/lib/src/interceptors/csrf_interceptor.dart +++ b/packages/neon_framework/packages/neon_http_client/lib/src/interceptors/csrf_interceptor.dart @@ -3,7 +3,6 @@ import 'package:interceptor_http_client/interceptor_http_client.dart'; import 'package:logging/logging.dart'; import 'package:meta/meta.dart'; import 'package:nextcloud/core.dart' as core; -import 'package:nextcloud/webdav.dart' as webdav; /// A HttpInterceptor that works around a Nextcloud CSRF bug when cookies are sent. /// @@ -43,7 +42,7 @@ final class CSRFInterceptor implements HttpInterceptor { @override bool shouldInterceptRequest(http.BaseRequest request) { - if (request.url.host != _baseURL.host || !request.url.path.startsWith('${_baseURL.path}${webdav.webdavBase}')) { + if (request.url.host != _baseURL.host || !request.url.path.startsWith('${_baseURL.path}/remote.php/')) { return false; }