diff options
author | Andrew Dolgov <[email protected]> | 2021-03-05 12:27:23 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2021-03-05 12:27:23 +0300 |
commit | fe06416f1787d27e90ad75f7c33eadd412574346 (patch) | |
tree | 97ec65f0cb115a0d3fdd821bfe36514c6b0678ca /classes/userhelper.php | |
parent | 98c75a9e433d7994548071048318cae43e2c0236 (diff) |
sessions: stop validating against hash of user agent because chromium is sending
different agent headers for whatever reason, example:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/88.0.4324.192 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/88.0.4324.104 Safari/537.36
seems to be related, at least, to App.postOpenWindow() hack.
Diffstat (limited to 'classes/userhelper.php')
-rw-r--r-- | classes/userhelper.php | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/classes/userhelper.php b/classes/userhelper.php index d929583f7..2bb83a02a 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -48,7 +48,6 @@ class UserHelper { $_SESSION["access_level"] = $user->access_level; $_SESSION["csrf_token"] = bin2hex(get_random_bytes(16)); $_SESSION["ip_address"] = UserHelper::get_user_ip(); - $_SESSION["user_agent"] = sha1($_SERVER['HTTP_USER_AGENT']); $_SESSION["pwd_hash"] = $user->pwd_hash; $user->last_login = Db::NOW(); |