mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Redirect to the right token on public shares 

If the token doesn't match (or isn't set) during the redirect. We should
properly set it. Else we might redirect to a later auth display that set
these values.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2019-05-23 13:42:59 +02:00
parent e38f55d788
commit 96e51b5f6f
No known key found for this signature in database
GPG Key ID: F941078878347C0C
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/public/AppFramework/AuthPublicShareController.php
View File

@ -185,6 +185,20 @@ abstract class AuthPublicShareController extends PublicShareController {
$route = $params['_route'];
unset($params['_route']);
}
// If the token doesn't match the rest of the arguments can't be trusted either
if (isset($params['token']) && $params['token'] !== $this->getToken()) {
$params = [
'token' => $this->getToken(),
];
}
// We need a token
if (!isset($params['token'])) {
$params = [
'token' => $this->getToken(),
];
}
}
return new RedirectResponse($this->urlGenerator->linkToRoute($route, $params));