diff options
author | provokateurin <kate@provokateurin.de> | 2024-08-14 09:29:30 +0200 |
---|---|---|
committer | provokateurin <kate@provokateurin.de> | 2024-08-14 09:29:30 +0200 |
commit | e77d6c913d8243889d49c81ee7f5604f15f6cf9b (patch) | |
tree | bb81e09b46bd973e250408b59801ad1cbd0d50bf /core/Controller/AvatarController.php | |
parent | a503125173ce438aa841a24a9108cb5c6bac27ac (diff) | |
download | nextcloud-server-e77d6c913d8243889d49c81ee7f5604f15f6cf9b.tar.gz nextcloud-server-e77d6c913d8243889d49c81ee7f5604f15f6cf9b.zip |
fix(core): Limit valid avatar sizes
Signed-off-by: provokateurin <kate@provokateurin.de>
Diffstat (limited to 'core/Controller/AvatarController.php')
-rw-r--r-- | core/Controller/AvatarController.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/core/Controller/AvatarController.php b/core/Controller/AvatarController.php index 3126b2600d9..5d117f6ae7f 100644 --- a/core/Controller/AvatarController.php +++ b/core/Controller/AvatarController.php @@ -55,7 +55,7 @@ class AvatarController extends Controller { * Get the dark avatar * * @param string $userId ID of the user - * @param int $size Size of the avatar + * @param 64|512 $size Size of the avatar * @param bool $guestFallback Fallback to guest avatar if not found * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}> * @@ -89,7 +89,7 @@ class AvatarController extends Controller { ); } catch (\Exception $e) { if ($guestFallback) { - return $this->guestAvatarController->getAvatarDark($userId, (string)$size); + return $this->guestAvatarController->getAvatarDark($userId, $size); } return new JSONResponse([], Http::STATUS_NOT_FOUND); } @@ -106,7 +106,7 @@ class AvatarController extends Controller { * Get the avatar * * @param string $userId ID of the user - * @param int $size Size of the avatar + * @param 64|512 $size Size of the avatar * @param bool $guestFallback Fallback to guest avatar if not found * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}> * @@ -140,7 +140,7 @@ class AvatarController extends Controller { ); } catch (\Exception $e) { if ($guestFallback) { - return $this->guestAvatarController->getAvatar($userId, (string)$size); + return $this->guestAvatarController->getAvatar($userId, $size); } return new JSONResponse([], Http::STATUS_NOT_FOUND); } |