fix: Ignore preview requests for invalid file ids

Signed-off-by: Julius Härtl <jus@bitgrid.net>
author: Julius Härtl <jus@bitgrid.net> 2024-06-21 11:37:47 +0200
committer: Julius Härtl <jus@bitgrid.net> 2024-07-22 22:32:34 +0200
commit: 6c1e896a03f20e568df5af1d547f46e2df9b71a9 (patch)
tree: 7dfae53a850091e284cc713f0158378fe7c663bf /core/Controller/PreviewController.php
parent: 8cc996155e77e10a626906550a74953fb4a6928d (diff)
download: nextcloud-server-6c1e896a03f20e568df5af1d547f46e2df9b71a9.tar.gz
nextcloud-server-6c1e896a03f20e568df5af1d547f46e2df9b71a9.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/core/Controller/PreviewController.php b/core/Controller/PreviewController.php
index ffe761fd706..4ace295a6aa 100644
--- a/core/Controller/PreviewController.php
+++ b/core/Controller/PreviewController.php
@@ -141,6 +141,10 @@ class PreviewController extends Controller {
 			return new DataResponse([], Http::STATUS_FORBIDDEN);
 		}
 
+		if ($node->getId() <= 0) {
+			return new DataResponse([], Http::STATUS_NOT_FOUND);
+		}
+
 		$storage = $node->getStorage();
 		if ($storage->instanceOfStorage(SharedStorage::class)) {
 			/** @var SharedStorage $storage */
author	Julius Härtl <jus@bitgrid.net>	2024-06-21 11:37:47 +0200
committer	Julius Härtl <jus@bitgrid.net>	2024-07-22 22:32:34 +0200
commit	6c1e896a03f20e568df5af1d547f46e2df9b71a9 (patch)
tree	7dfae53a850091e284cc713f0158378fe7c663bf /core/Controller/PreviewController.php
parent	8cc996155e77e10a626906550a74953fb4a6928d (diff)
download	nextcloud-server-6c1e896a03f20e568df5af1d547f46e2df9b71a9.tar.gz nextcloud-server-6c1e896a03f20e568df5af1d547f46e2df9b71a9.zip