clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix possible security issue

Browse Source
This commit is contained in:
Philipp 2022-11-02 19:58:01 +01:00
parent 1c80969db9
commit 89fde911f9
No known key found for this signature in database
GPG Key ID: 24A7501396EB5432
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Module/Calendar/Export.php
View File

@ -58,6 +58,10 @@ class Export extends BaseModule
protected function rawContent(array $request = []) protected function rawContent(array $request = [])
{ {
if (!$this->session->getLocalUserId()) {
throw new HTTPException\UnauthorizedException($this->t('Permission denied.'));
}
$owner = User::getByNickname($this->parameters['nickname'], ['uid']); $owner = User::getByNickname($this->parameters['nickname'], ['uid']);
if (empty($owner)) { if (empty($owner)) {
throw new HTTPException\NotFoundException($this->t('User not found.')); throw new HTTPException\NotFoundException($this->t('User not found.'));