diff options
| -rw-r--r-- | config/config.sample.php | 2 | ||||
| -rw-r--r-- | core/Controller/UnifiedSearchController.php | 7 | ||||
| -rw-r--r-- | core/openapi.json | 2 | ||||
| -rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 2 | ||||
| -rw-r--r-- | lib/private/Preview/SVG.php | 2 | ||||
| -rw-r--r-- | tests/lib/Preview/SVGTest.php | 29 |
6 files changed, 39 insertions, 5 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index c6fab26665d..288ea7e4a9b 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -376,7 +376,7 @@ $CONFIG = [ * Tokens are still checked every 5 minutes for validity * max value: 300 * - * Defaults to ``300`` + * Defaults to ``60`` */ 'token_auth_activity_update' => 60, diff --git a/core/Controller/UnifiedSearchController.php b/core/Controller/UnifiedSearchController.php index 469c6c6ed7b..3df7749ce72 100644 --- a/core/Controller/UnifiedSearchController.php +++ b/core/Controller/UnifiedSearchController.php @@ -92,7 +92,7 @@ class UnifiedSearchController extends OCSController { * @param string $providerId ID of the provider * @param string $term Term to search * @param int|null $sortOrder Order of entries - * @param int|null $limit Maximum amount of entries + * @param int|null $limit Maximum amount of entries, limited to 25 * @param int|string|null $cursor Offset for searching * @param string $from The current user URL * @@ -113,6 +113,9 @@ class UnifiedSearchController extends OCSController { ): DataResponse { [$route, $routeParameters] = $this->getRouteInformation($from); + $limit ??= SearchQuery::LIMIT_DEFAULT; + $limit = max(1, min($limit, 25)); + try { $filters = $this->composer->buildFilterList($providerId, $this->request->getParams()); } catch (UnsupportedFilter|InvalidArgumentException $e) { @@ -125,7 +128,7 @@ class UnifiedSearchController extends OCSController { new SearchQuery( $filters, $sortOrder ?? ISearchQuery::SORT_DATE_DESC, - $limit ?? SearchQuery::LIMIT_DEFAULT, + $limit, $cursor, $route, $routeParameters diff --git a/core/openapi.json b/core/openapi.json index 7563406dba0..b6268ac1317 100644 --- a/core/openapi.json +++ b/core/openapi.json @@ -7006,7 +7006,7 @@ { "name": "limit", "in": "query", - "description": "Maximum amount of entries", + "description": "Maximum amount of entries, limited to 25", "schema": { "type": "integer", "format": "int64", diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 3a15ba006d4..ea1e5484dda 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -308,6 +308,8 @@ class PublicKeyTokenProvider implements IProvider { if (!($token instanceof PublicKeyToken)) { throw new InvalidTokenException("Invalid token type"); } + $now = $this->time->getTime(); + $token->setLastActivity($now); $this->mapper->update($token); $this->cacheToken($token); } diff --git a/lib/private/Preview/SVG.php b/lib/private/Preview/SVG.php index 207c9dfb021..0400038d980 100644 --- a/lib/private/Preview/SVG.php +++ b/lib/private/Preview/SVG.php @@ -50,7 +50,7 @@ class SVG extends ProviderV2 { } // Do not parse SVG files with references - if (stripos($content, 'xlink:href') !== false) { + if (preg_match('/["\s](xlink:)?href\s*=/i', $content)) { return null; } diff --git a/tests/lib/Preview/SVGTest.php b/tests/lib/Preview/SVGTest.php index 8764f3a5a9f..6a0e93e5f79 100644 --- a/tests/lib/Preview/SVGTest.php +++ b/tests/lib/Preview/SVGTest.php @@ -29,4 +29,33 @@ class SVGTest extends Provider { $this->markTestSkipped('No SVG provider present'); } } + + public function dataGetThumbnailSVGHref(): array { + return [ + ['href'], + [' href'], + ["\nhref"], + ['xlink:href'], + [' xlink:href'], + ["\nxlink:href"], + ]; + } + + /** + * @dataProvider dataGetThumbnailSVGHref + * @requires extension imagick + */ + public function testGetThumbnailSVGHref(string $content): void { + $handle = fopen('php://temp', 'w+'); + fwrite($handle, '<svg viewBox="0 0 100 100" xmlns="http://www.w3.org/2000/svg"> + <image x="0" y="0"' . $content . '="fxlogo.png" height="100" width="100" /> +</svg>'); + rewind($handle); + + $file = $this->createMock(\OCP\Files\File::class); + $file->method('fopen') + ->willReturn($handle); + + self::assertNull($this->provider->getThumbnail($file, 512, 512)); + } } |