Merge pull request #35866 from nextcloud/bugfix/noid/session-setup-followup

fix(session): Always setup the session if a session cookie is passed

Author: juliusknorr

lib/base.php

@@ -411,7 +411,7 @@ private static function printUpgradePage(\OC\SystemConfig $systemConfig): void {
 	public static function initSession(): void {
 		$request = Server::get(IRequest::class);
 		$isDavRequest = strpos($request->getRequestUri(), '/remote.php/dav') === 0 || strpos($request->getRequestUri(), '/remote.php/webdav') === 0;
-		if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest) {
+		if ($request->getHeader('Authorization') !== '' && is_null($request->getCookie('cookie_test')) && $isDavRequest && !isset($_COOKIE['nc_session_id'])) {
 			setcookie('cookie_test', 'test', time() + 3600);
 			// Do not initialize the session if a request is authenticated directly
 			// unless there is a session cookie already sent along