Skip to content

Commit

Permalink
Merge pull request #36645 from nextcloud/backport/36637/stable25
Browse files Browse the repository at this point in the history 
[stable25] Safer URL match in FileReferenceProvider
  • Loading branch information
@nickvergessen
nickvergessen authored Feb 24, 2023
2 parents 08b13f6 + 6242e0f commit 193e51d
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions lib/private/Collaboration/Reference/File/FileReferenceProvider.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,21 +62,21 @@ public function matchReference(string $referenceText): bool {
}

private function getFilesAppLinkId(string $referenceText): ?int {
$start = $this->urlGenerator->getAbsoluteURL('/apps/files');
$startIndex = $this->urlGenerator->getAbsoluteURL('/index.php/apps/files');
$start = $this->urlGenerator->getAbsoluteURL('/apps/files/');
$startIndex = $this->urlGenerator->getAbsoluteURL('/index.php/apps/files/');

$fileId = null;

if (mb_strpos($referenceText, $start) === 0) {
$parts = parse_url($referenceText);
parse_str($parts['query'], $query);
parse_str($parts['query'] ?? '', $query);
$fileId = isset($query['fileid']) ? (int)$query['fileid'] : $fileId;
$fileId = isset($query['openfile']) ? (int)$query['openfile'] : $fileId;
}

if (mb_strpos($referenceText, $startIndex) === 0) {
$parts = parse_url($referenceText);
parse_str($parts['query'], $query);
parse_str($parts['query'] ?? '', $query);
$fileId = isset($query['fileid']) ? (int)$query['fileid'] : $fileId;
$fileId = isset($query['openfile']) ? (int)$query['openfile'] : $fileId;
}
Expand Down

0 comments on commit 193e51d

Please sign in to comment.