From af91efd3150b11d714cacace2a2022df8be26fa2 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Mon, 16 Dec 2019 18:51:19 +0100 Subject: when downloading from web, skip files that are not accessible * avoids a 403, but enables download of resources that are not restricted * single file downloads still cause 403 Signed-off-by: Arthur Schiwon --- lib/private/legacy/files.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'lib/private/legacy/files.php') diff --git a/lib/private/legacy/files.php b/lib/private/legacy/files.php index 28396a9d076..ed26a125a6f 100644 --- a/lib/private/legacy/files.php +++ b/lib/private/legacy/files.php @@ -180,7 +180,11 @@ class OC_Files { $userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot()); $file = $userFolder->get($file); if($file instanceof \OC\Files\Node\File) { - $fh = $file->fopen('r'); + try { + $fh = $file->fopen('r'); + } catch (\OCP\Files\NotPermittedException $e) { + continue; + } $fileSize = $file->getSize(); $fileTime = $file->getMTime(); } else { @@ -309,7 +313,7 @@ class OC_Files { OC_Util::obEnd(); $view->lockFile($filename, ILockingProvider::LOCK_SHARED); - + $rangeArray = array(); if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') { -- cgit v1.2.3