Merge pull request #14341 from rullzer/public_share_do_not_leak_mounttype

No more leaking of mounttype via metadata or icon in public shares.
author: Morris Jobke <hey@morrisjobke.de> 2015-07-09 09:41:27 +0200
committer: Morris Jobke <hey@morrisjobke.de> 2015-07-09 09:41:27 +0200
commit: 2b86ba43e33b2cd4339722548d22800ea4218a57 (patch)
tree: 1b20a9496231db6e19ac77bd6e6d35aac42415d0 /apps/files_sharing/ajax
parent: 6d9bb1736000ec8ae102521e4bb75d5b3bd2aef5 (diff)
parent: cf732c4d274a09597b813582fc2878777da3c36d (diff)
download: nextcloud-server-2b86ba43e33b2cd4339722548d22800ea4218a57.tar.gz
nextcloud-server-2b86ba43e33b2cd4339722548d22800ea4218a57.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/apps/files_sharing/ajax/list.php b/apps/files_sharing/ajax/list.php
index d09b61fd4ae..9185e508e67 100644
--- a/apps/files_sharing/ajax/list.php
+++ b/apps/files_sharing/ajax/list.php
@@ -71,6 +71,9 @@ foreach ($files as $file) {
 	unset($entry['directory']);
 	// do not disclose share owner
 	unset($entry['shareOwner']);
+	// do not disclose if something is a remote shares
+	unset($entry['mountType']);
+	unset($entry['icon']);
 	$entry['permissions'] = \OCP\Constants::PERMISSION_READ;
 	$formattedFiles[] = $entry;
 }
author	Morris Jobke <hey@morrisjobke.de>	2015-07-09 09:41:27 +0200
committer	Morris Jobke <hey@morrisjobke.de>	2015-07-09 09:41:27 +0200
commit	2b86ba43e33b2cd4339722548d22800ea4218a57 (patch)
tree	1b20a9496231db6e19ac77bd6e6d35aac42415d0 /apps/files_sharing/ajax
parent	6d9bb1736000ec8ae102521e4bb75d5b3bd2aef5 (diff)
parent	cf732c4d274a09597b813582fc2878777da3c36d (diff)
download	nextcloud-server-2b86ba43e33b2cd4339722548d22800ea4218a57.tar.gz nextcloud-server-2b86ba43e33b2cd4339722548d22800ea4218a57.zip