safer URL match in FileReferenceProvider

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>

diff --git a/lib/private/Collaboration/Reference/File/FileReferenceProvider.php b/lib/private/Collaboration/Reference/File/FileReferenceProvider.php
index 4e6c7ea623f1fd9c08e381245bbe3806f4e7fd3a..95e49cdf860376c700dc73c960f655a1936fe88b 100644 (file)
--- a/lib/private/Collaboration/Reference/File/FileReferenceProvider.php
+++ b/lib/private/Collaboration/Reference/File/FileReferenceProvider.php
@@ -62,21 +62,21 @@ class FileReferenceProvider implements IReferenceProvider {
        }
 
        private function getFilesAppLinkId(string $referenceText): ?int {
-               $start = $this->urlGenerator->getAbsoluteURL('/apps/files');
-               $startIndex = $this->urlGenerator->getAbsoluteURL('/index.php/apps/files');
+               $start = $this->urlGenerator->getAbsoluteURL('/apps/files/');
+               $startIndex = $this->urlGenerator->getAbsoluteURL('/index.php/apps/files/');
 
                $fileId = null;
 
                if (mb_strpos($referenceText, $start) === 0) {
                        $parts = parse_url($referenceText);
-                       parse_str($parts['query'], $query);
+                       parse_str($parts['query'] ?? '', $query);
                        $fileId = isset($query['fileid']) ? (int)$query['fileid'] : $fileId;
                        $fileId = isset($query['openfile']) ? (int)$query['openfile'] : $fileId;
                }
 
                if (mb_strpos($referenceText, $startIndex) === 0) {
                        $parts = parse_url($referenceText);
-                       parse_str($parts['query'], $query);
+                       parse_str($parts['query'] ?? '', $query);
                        $fileId = isset($query['fileid']) ? (int)$query['fileid'] : $fileId;
                        $fileId = isset($query['openfile']) ? (int)$query['openfile'] : $fileId;
                }