From 6c1e896a03f20e568df5af1d547f46e2df9b71a9 Mon Sep 17 00:00:00 2001
From: Julius Härtl <jus@bitgrid.net>
Date: Fri, 21 Jun 2024 11:37:47 +0200
Subject: fix: Ignore preview requests for invalid file ids
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 apps/files/lib/Controller/ApiController.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'apps/files/lib')

diff --git a/apps/files/lib/Controller/ApiController.php b/apps/files/lib/Controller/ApiController.php
index 64082fbfd85..9cf634f9404 100644
--- a/apps/files/lib/Controller/ApiController.php
+++ b/apps/files/lib/Controller/ApiController.php
@@ -93,6 +93,10 @@ class ApiController extends Controller {
 				throw new NotFoundException();
 			}
 
+			if ($file->getId() <= 0) {
+				return new DataResponse(['message' => 'File not found.'], Http::STATUS_NOT_FOUND);
+			}
+
 			/** @var File $file */
 			$preview = $this->previewManager->getPreview($file, $x, $y, true);
 
-- 
cgit v1.2.3