Skip to content

Commit

Permalink
Android: May fix laurent22#11292: Don't store WebDAV authentication c…
Browse files Browse the repository at this point in the history
…ookies on Android

Note: An alternative, as suggested on the linked issue, might be to
allow users to manually delete all cookies (e.g. under advanced
settings). This, however, is more complicated (may require either
Android-specific native code or adding a library).
  • Loading branch information
personalizedrefrigerator committed Dec 23, 2024
1 parent 40914be commit ab33361
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions packages/lib/WebDavApi.js
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,15 @@ class WebDavApi {
if (options.path) fetchOptions.path = options.path;
if (body) fetchOptions.body = body;
fetchOptions.ignoreTlsErrors = this.options_.ignoreTlsErrors();
if (shim.mobilePlatform() === 'android') {
// Using credentials = 'omit' prevents authentication cookies from
// being stored. React Native has issues related to cookie authentication:
// https://github.com/facebook/react-native/issues/23185
//
// Auth tokens are passed through the "Authorization" header, so
// these cookies should not be necessary.
fetchOptions.credentials = 'omit';
}
const url = `${this.baseUrl()}/${ltrimSlashes(path)}`;

if (shim.httpAgent(url)) fetchOptions.agent = shim.httpAgent(url);
Expand Down

0 comments on commit ab33361

Please sign in to comment.