Merge pull request #36022 from nextcloud/backport/36016/stable25

[stable25] Add restrictions when downloading to resolve with opengraph link provider

1 files changed, 16 insertions, 0 deletions

diff --git a/lib/private/Collaboration/Reference/LinkReferenceProvider.php b/lib/private/Collaboration/Reference/LinkReferenceProvider.php
index 5597df1ca97..583cbdcfe99 100644
--- a/lib/private/Collaboration/Reference/LinkReferenceProvider.php
+++ b/lib/private/Collaboration/Reference/LinkReferenceProvider.php
@@ -105,6 +105,22 @@ class LinkReferenceProvider implements IReferenceProvider {
 
 		$client = $this->clientService->newClient();
 		try {
+			$headResponse = $client->head($reference->getId(), [ 'timeout' => 10 ]);
+		} catch (\Exception $e) {
+			$this->logger->debug('Failed to perform HEAD request to get target metadata', ['exception' => $e]);
+			return;
+		}
+		$linkContentLength = $headResponse->getHeader('Content-Length');
+		if (is_numeric($linkContentLength) && (int) $linkContentLength > 5 * 1024 * 1024) {
+			$this->logger->debug('Skip resolving links pointing to content length > 5 MB');
+			return;
+		}
+		$linkContentType = $headResponse->getHeader('Content-Type');
+		if ($linkContentType !== 'text/html') {
+			$this->logger->debug('Skip resolving links pointing to content type that is not "text/html"');
+			return;
+		}
+		try {
 			$response = $client->get($reference->getId(), [ 'timeout' => 10 ]);
 		} catch (\Exception $e) {
 			$this->logger->debug('Failed to fetch link for obtaining open graph data', ['exception' => $e]);