Browse Source
Do not use file as template parameter
Using file will overwrite the $file parameter in the template base. Leading to trying to include a file that is the exception message. Which will of course fail. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v14.0.0beta4
Roeland Jago Douma
5 years ago
3 changed files with 3 additions and 3 deletions
+ 1
- 1
core/templates/403.php
View File
| @@ -12,6 +12,6 @@ if(!isset($_)) {//standalone page is not supported anymore - redirect to / | |||
| <ul> | |||
| <li class='error'> | |||
| <?php p($l->t( 'Access forbidden' )); ?><br> | |||
| <p class='hint'><?php if(isset($_['file'])) p($_['file'])?></p> | |||
| <p class='hint'><?php if(isset($_['message'])) p($_['message'])?></p> | |||
| </li> | |||
| </ul> | |||
+ 1
- 1
lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
View File
| @@ -249,7 +249,7 @@ class SecurityMiddleware extends Middleware { | |||
| $url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params); | |||
| $response = new RedirectResponse($url); | |||
| } else { | |||
| $response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest'); | |||
| $response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest'); | |||
| $response->setStatus($exception->getCode()); | |||
| } | |||
| } | |||
+ 1
- 1
tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
View File
| @@ -568,7 +568,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| 'test', | |||
| $exception | |||
| ); | |||
| $expected = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest'); | |||
| $expected = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest'); | |||
| $expected->setStatus($exception->getCode()); | |||
| $this->assertEquals($expected , $response); | |||
| } | |||
Loading…