summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2017-08-29 13:25:25 +0200
committerGitHub <noreply@github.com>2017-08-29 13:25:24 +0200
commit79a7b7f192e0b6e3b0c2c5fe76b8331b531c4cda (patch)
tree38bf14a0792f04bec231a25459a23cce78fd4151
parent7d8b7d4e4ea83fc31ea64446e9085185c476de09 (diff)
parent0aff1c9268e760c2e1164f85ea8414ad0d1fa91c (diff)
downloadnextcloud-server-79a7b7f192e0b6e3b0c2c5fe76b8331b531c4cda.tar.gz
nextcloud-server-79a7b7f192e0b6e3b0c2c5fe76b8331b531c4cda.zip
Merge pull request #6293 from nextcloud/less-user-enumeration
Return the user id in case of an error
Diffstat
-rw-r--r--core/Controller/AvatarController.php2
-rw-r--r--tests/Core/Controller/AvatarControllerTest.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/core/Controller/AvatarController.php b/core/Controller/AvatarController.php
index cb0ece9fa45..e4d13d218a5 100644
--- a/core/Controller/AvatarController.php
+++ b/core/Controller/AvatarController.php
@@ -143,7 +143,7 @@ class AvatarController extends Controller {
} catch (\Exception $e) {
$resp = new JSONResponse([
'data' => [
- 'displayname' => '',
+ 'displayname' => $userId,
],
]);
}
diff --git a/tests/Core/Controller/AvatarControllerTest.php b/tests/Core/Controller/AvatarControllerTest.php
index b87f73366fa..1a1f1130480 100644
--- a/tests/Core/Controller/AvatarControllerTest.php
+++ b/tests/Core/Controller/AvatarControllerTest.php
@@ -169,7 +169,7 @@ class AvatarControllerTest extends \Test\TestCase {
//Comment out until JS is fixed
//$this->assertEquals(Http::STATUS_NOT_FOUND, $response->getStatus());
$this->assertEquals(Http::STATUS_OK, $response->getStatus());
- $this->assertEquals('', $response->getData()['data']['displayname']);
+ $this->assertEquals('userDoesNotExist', $response->getData()['data']['displayname']);
}
/**
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-23 01:51:30 +0000