Merge pull request #43525 from nextcloud/backport/42544/stable28

nextcloud · Feb 22, 2024 · be5d576 · be5d576
2 parents c8704b4 + 3decdd9
commit be5d576
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 3 deletions.
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
@@ -35,6 +35,7 @@
  */
 namespace OC\Core\Controller;
 
+use OC\AppFramework\Http\Request;
 use OC\Authentication\Login\Chain;
 use OC\Authentication\Login\LoginData;
 use OC\Authentication\WebAuthn\Manager as WebAuthnManager;
@@ -105,8 +106,10 @@ public function logout() {
 		$this->session->set('clearingExecutionContexts', '1');
 		$this->session->close();
 
-		if ($this->request->getServerProtocol() === 'https') {
-			// This feature is available only in secure contexts
+		if (
+			$this->request->getServerProtocol() === 'https' &&
+			!$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME])
+		) {
 			$response->addHeader('Clear-Site-Data', '"cache", "storage"');
 		}
 

diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
@@ -145,6 +145,10 @@ public function testLogoutWithoutToken() {
 		$this->request
 			->method('getServerProtocol')
 			->willReturn('https');
+		$this->request
+			->expects($this->once())
+			->method('isUserAgent')
+			->willReturn(false);
 		$this->config
 			->expects($this->never())
 			->method('deleteUserValue');
@@ -159,16 +163,42 @@ public function testLogoutWithoutToken() {
 		$this->assertEquals($expected, $this->loginController->logout());
 	}
 
+	public function testLogoutNoClearSiteData() {
+		$this->request
+			->expects($this->once())
+			->method('getCookie')
+			->with('nc_token')
+			->willReturn(null);
+		$this->request
+			->method('getServerProtocol')
+			->willReturn('https');
+		$this->request
+			->expects($this->once())
+			->method('isUserAgent')
+			->willReturn(true);
+		$this->urlGenerator
+			->expects($this->once())
+			->method('linkToRouteAbsolute')
+			->with('core.login.showLoginForm')
+			->willReturn('/login');
+
+		$expected = new RedirectResponse('/login');
+		$this->assertEquals($expected, $this->loginController->logout());
+	}
+
 	public function testLogoutWithToken() {
 		$this->request
 			->expects($this->once())
 			->method('getCookie')
 			->with('nc_token')
 			->willReturn('MyLoginToken');
 		$this->request
-			->expects($this->once())
 			->method('getServerProtocol')
 			->willReturn('https');
+		$this->request
+			->expects($this->once())
+			->method('isUserAgent')
+			->willReturn(false);
 		$user = $this->createMock(IUser::class);
 		$user
 			->expects($this->once())