Safari drops cookie due to avatar request

[juliusknorr]

Steps to reproduce with Safari:

• Go to files app and ensure that the text app has an open connection with regular sync requests
• Open collabora document
• See a toast message about the failing text app request in the background

This happens as the Collabora iframe loads the avatar from nextcloud (without cookies in safari) so a new php session is created and still stored in the site cookie data (looks like a safari bug). Then the next request from the parent frame will fail with the new cookie data, as the now present php session doesn't contain the correct nextcloud session anymore

Potential ideas for fixing

• Redirect from Nextcloud to Collabora in the inner iframe - might not be suitable as we need a post request
• Prevent cookies on the collabora img tag https://stackoverflow.com/questions/51549390/how-can-i-disable-third-party-cookies-for-img-tags
• Avoid creating new sessions on avatar endpoints (in server)