diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2019-05-24 16:09:01 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-05-24 16:09:01 +0200 |
| commit | 67432a2141d83a1bb709e54ec774658e820bc8e2 (patch) | |
| tree | 350433467299a2143db02f971615112a21e478bc /lib | |
| parent | e7ae8511fb90a282c96a31bfb2b25ca0dfb6000a (diff) | |
| parent | 96e51b5f6f36c9008548ee50100838ff7d0e26bc (diff) | |
| download | nextcloud-server-67432a2141d83a1bb709e54ec774658e820bc8e2.tar.gz nextcloud-server-67432a2141d83a1bb709e54ec774658e820bc8e2.zip | |
Merge pull request #15700 from nextcloud/fix/open_multiple_link_shares
Redirect to the right token on public shares
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/public/AppFramework/AuthPublicShareController.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/public/AppFramework/AuthPublicShareController.php b/lib/public/AppFramework/AuthPublicShareController.php index ffd2bddd24b..37a8cedcd7e 100644 --- a/lib/public/AppFramework/AuthPublicShareController.php +++ b/lib/public/AppFramework/AuthPublicShareController.php @@ -185,6 +185,20 @@ abstract class AuthPublicShareController extends PublicShareController { $route = $params['_route']; unset($params['_route']); } + + // If the token doesn't match the rest of the arguments can't be trusted either + if (isset($params['token']) && $params['token'] !== $this->getToken()) { + $params = [ + 'token' => $this->getToken(), + ]; + } + + // We need a token + if (!isset($params['token'])) { + $params = [ + 'token' => $this->getToken(), + ]; + } } return new RedirectResponse($this->urlGenerator->linkToRoute($route, $params)); |