diff options
| author | Julius Härtl <jus@bitgrid.net> | 2017-09-20 13:33:42 +0200 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2017-10-03 15:32:50 +0200 |
| commit | c0d104087b28316281bcda65262e03856b89bed7 (patch) | |
| tree | 7c4e9c66d17e5bccd0b14c28a0c96df7c6a228eb /apps/theming/lib/Controller | |
| parent | c337c8fa454366384bec12e889e4dd371c0a67f7 (diff) | |
| download | nextcloud-server-c0d104087b28316281bcda65262e03856b89bed7.tar.gz nextcloud-server-c0d104087b28316281bcda65262e03856b89bed7.zip | |
Theming: Check valid image format also for logo
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'apps/theming/lib/Controller')
| -rw-r--r-- | apps/theming/lib/Controller/ThemingController.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/apps/theming/lib/Controller/ThemingController.php b/apps/theming/lib/Controller/ThemingController.php index e73fc16b20b..e6aa3a380b7 100644 --- a/apps/theming/lib/Controller/ThemingController.php +++ b/apps/theming/lib/Controller/ThemingController.php @@ -248,6 +248,18 @@ class ThemingController extends Controller { if (!empty($newLogo)) { $target = $folder->newFile('logo'); + $supportedFormats = ['image/jpeg', 'image/png', 'image/gif', 'image/svg+xml', 'text/svg']; + if (!in_array($newLogo['type'], $supportedFormats)) { + return new DataResponse( + [ + 'data' => [ + 'message' => $this->l10n->t('Unsupported image type'), + ], + 'status' => 'failure', + ], + Http::STATUS_UNPROCESSABLE_ENTITY + ); + } $target->putContent(file_get_contents($newLogo['tmp_name'], 'r')); $this->themingDefaults->set('logoMime', $newLogo['type']); $name = $newLogo['name']; |