diff options
| author | Joas Schilling <coding@schilljs.com> | 2020-03-12 11:26:31 +0100 |
|---|---|---|
| committer | Georg Ehrke <developer@georgehrke.com> | 2020-04-15 15:49:39 +0200 |
| commit | 648c8df51645147f99fd687511003062ae01978c (patch) | |
| tree | 54c978f8b7a24aa52dd341a17828a5b5326c8583 /apps/dav | |
| parent | bb754cb363ef4a7b5f0fd4a8a9c9baf1c699b571 (diff) | |
| download | nextcloud-server-648c8df51645147f99fd687511003062ae01978c.tar.gz nextcloud-server-648c8df51645147f99fd687511003062ae01978c.zip | |
Don't populate the PHOTO property when it's not an image
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/dav')
| -rw-r--r-- | apps/dav/lib/CardDAV/CardDavBackend.php | 27 | ||||
| -rw-r--r-- | apps/dav/lib/CardDAV/HasPhotoPlugin.php | 7 |
2 files changed, 31 insertions, 3 deletions
diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php index 1f87ca5f7c1..bfdf7e53f40 100644 --- a/apps/dav/lib/CardDAV/CardDavBackend.php +++ b/apps/dav/lib/CardDAV/CardDavBackend.php @@ -874,10 +874,33 @@ class CardDavBackend implements BackendInterface, SyncSupport { private function readBlob($cardData) { if (is_resource($cardData)) { - return stream_get_contents($cardData); + $cardData = stream_get_contents($cardData); } - return $cardData; + $cardDataArray = explode("\r\n", $cardData); + + $cardDataFiltered = []; + $removingPhoto = false; + foreach ($cardDataArray as $line) { + if (strpos($line, 'PHOTO:data:') === 0 + && strpos($line, 'PHOTO:data:image/') !== 0) { + // Filter out PHOTO data of non-images + $removingPhoto = true; + continue; + } + + if ($removingPhoto) { + if (strpos($line, ' ') === 0) { + continue; + } + // No leading space means this is a new property + $removingPhoto = false; + } + + $cardDataFiltered[] = $line; + } + + return implode("\r\n", $cardDataFiltered); } /** diff --git a/apps/dav/lib/CardDAV/HasPhotoPlugin.php b/apps/dav/lib/CardDAV/HasPhotoPlugin.php index bb847e74a37..cf9d68e14a4 100644 --- a/apps/dav/lib/CardDAV/HasPhotoPlugin.php +++ b/apps/dav/lib/CardDAV/HasPhotoPlugin.php @@ -62,7 +62,12 @@ class HasPhotoPlugin extends ServerPlugin { if ($node instanceof Card) { $propFind->handle($ns . 'has-photo', function () use ($node) { $vcard = Reader::read($node->get()); - return ($vcard instanceof VCard && $vcard->PHOTO); + return $vcard instanceof VCard + && $vcard->PHOTO + // Either the PHOTO is a url (doesn't start with data:) or the mimetype has to start with image/ + && (strpos($vcard->PHOTO->getValue(), 'data:') !== 0 + || strpos($vcard->PHOTO->getValue(), 'data:image/') === 0) + ; }); } } |