From ed3156e24e00347a60eff777e85d6a587828f700 Mon Sep 17 00:00:00 2001 From: Matt Van Horn <455140+mvanhorn@users.noreply.github.com> Date: Fri, 27 Mar 2026 06:13:53 -0700 Subject: [PATCH 1/6] fix(files_sharing): validate input in PublicPreviewController#getPreview Return 400 Bad Request when the file parameter is empty and the shared node is a folder, instead of passing the folder itself to getPreview which triggers an internal server error. Also rename the local variable to $fileNode to prevent the catch block from calling getMimeType() on the original string parameter when get() throws NotFoundException. Fixes #59229 Signed-off-by: Matt Van Horn Co-Authored-By: Claude Opus 4.6 --- .../lib/Controller/PublicPreviewController.php | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index 9056161af84fe..d94be08804cf5 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php @@ -122,19 +122,22 @@ public function getPreview( try { $node = $share->getNode(); if ($node instanceof Folder) { - $file = $node->get($file); + if ($file === '') { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + $fileNode = $node->get($file); } else { - $file = $node; + $fileNode = $node; } - $f = $this->previewManager->getPreview($file, $x, $y, !$a); + $f = $this->previewManager->getPreview($fileNode, $x, $y, !$a); $response = new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]); $response->cacheFor($cacheForSeconds); return $response; } catch (NotFoundException $e) { // If we have no preview enabled, we can redirect to the mime icon if any - if ($mimeFallback) { - if ($url = $this->mimeIconProvider->getMimeIconUrl($file->getMimeType())) { + if ($mimeFallback && isset($fileNode) && !($fileNode instanceof Folder)) { + if ($url = $this->mimeIconProvider->getMimeIconUrl($fileNode->getMimeType())) { return new RedirectResponse($url); } } From 310d3cc1f16b621d689d99d3eae080be5316d513 Mon Sep 17 00:00:00 2001 From: Josh Date: Sat, 28 Mar 2026 09:17:38 -0400 Subject: [PATCH 2/6] chore(sharing): update docblock for PublicPreviewController::getPreview Signed-off-by: Josh --- .../lib/Controller/PublicPreviewController.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index d94be08804cf5..f51b10688f240 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php @@ -59,12 +59,14 @@ protected function isPasswordProtected(): bool { return $this->share->getPassword() !== null; } - /** - * Get a preview for a shared file + * Get a preview for a public share. + * + * For shares pointing to a single file, the $file parameter is ignored and may be empty. + * For folder shares, $file must be the relative path to a file inside the shared folder. * * @param string $token Token of the share - * @param string $file File in the share + * @param string $file Relative path to a file inside a shared folder; ignored for single-file shares * @param int $x Width of the preview * @param int $y Height of the preview * @param bool $a Whether to not crop the preview From ebb7bc2444e5e08e2153c00e2d3f4eeb4b87e916 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 29 Mar 2026 09:35:15 -0400 Subject: [PATCH 3/6] refactor(files_sharing): improve PublicPreviewController::getPreview variable naming And slightly streamline the logic for clarity. Signed-off-by: Josh --- .../Controller/PublicPreviewController.php | 35 ++++++++++++------- 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index f51b10688f240..221b8a8525525 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php @@ -16,6 +16,7 @@ use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\PublicShareController; use OCP\Constants; +use OCP\Files\File; use OCP\Files\Folder; use OCP\Files\NotFoundException; use OCP\IPreview; @@ -28,8 +29,7 @@ class PublicPreviewController extends PublicShareController { - /** @var IShare */ - private $share; + private IShare $share; public function __construct( string $appName, @@ -62,7 +62,7 @@ protected function isPasswordProtected(): bool { /** * Get a preview for a public share. * - * For shares pointing to a single file, the $file parameter is ignored and may be empty. + * For shares pointing to a single file, the $file parameter is ignored. * For folder shares, $file must be the relative path to a file inside the shared folder. * * @param string $token Token of the share @@ -121,25 +121,36 @@ public function getPreview( return new DataResponse([], Http::STATUS_FORBIDDEN); } + $previewFile = null; + try { - $node = $share->getNode(); - if ($node instanceof Folder) { + $shareNode = $share->getNode(); + if ($shareNode instanceof Folder) { if ($file === '') { return new DataResponse([], Http::STATUS_BAD_REQUEST); } - $fileNode = $node->get($file); + + $previewFile = $shareNode->get($file); + if ($previewFile instanceof Folder) { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } } else { - $fileNode = $node; + $previewFile = $shareNode; } - $f = $this->previewManager->getPreview($fileNode, $x, $y, !$a); - $response = new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]); + $preview = $this->previewManager->getPreview($previewFile, $x, $y, !$a); + $response = new FileDisplayResponse( + $preview, + Http::STATUS_OK, + ['Content-Type' => $preview->getMimeType()] + ); + $response->cacheFor($cacheForSeconds); return $response; } catch (NotFoundException $e) { - // If we have no preview enabled, we can redirect to the mime icon if any - if ($mimeFallback && isset($fileNode) && !($fileNode instanceof Folder)) { - if ($url = $this->mimeIconProvider->getMimeIconUrl($fileNode->getMimeType())) { + // If a preview could not be generated for a resolved file, we can redirect to the mime icon if any + if ($mimeFallback && $previewFile instanceof File) { + if ($url = $this->mimeIconProvider->getMimeIconUrl($previewFile->getMimeType())) { return new RedirectResponse($url); } } From 06d45f11984cf6f41ed181692176e097af8b76f5 Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 29 Mar 2026 09:45:55 -0400 Subject: [PATCH 4/6] test(files_sharing): add regression coverage for PublicPreviewController#getPreview edge cases Signed-off-by: Josh --- .../PublicPreviewControllerTest.php | 90 ++++++++++++++++++- 1 file changed, 89 insertions(+), 1 deletion(-) diff --git a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php index 94ecd0bc23e43..0d71b12ca9637 100644 --- a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php +++ b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php @@ -10,6 +10,7 @@ use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\FileDisplayResponse; +use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Utility\ITimeFactory; use OCP\Constants; use OCP\Files\File; @@ -32,6 +33,7 @@ class PublicPreviewControllerTest extends TestCase { private IManager&MockObject $shareManager; private ITimeFactory&MockObject $timeFactory; private IRequest&MockObject $request; + private IMimeIconProvider&MockObject $mimeIconProvider; private PublicPreviewController $controller; @@ -42,6 +44,7 @@ protected function setUp(): void { $this->shareManager = $this->createMock(IManager::class); $this->timeFactory = $this->createMock(ITimeFactory::class); $this->request = $this->createMock(IRequest::class); + $this->mimeIconProvider = $this->createMock(IMimeIconProvider::class); $this->timeFactory->method('getTime') ->willReturn(1337); @@ -54,7 +57,7 @@ protected function setUp(): void { $this->shareManager, $this->createMock(ISession::class), $this->previewManager, - $this->createMock(IMimeIconProvider::class), + $this->mimeIconProvider, ); } @@ -252,6 +255,91 @@ public function testPreviewFolderInvalidFile(): void { $this->assertEquals($expected, $res); } + public function testPreviewFolderEmptyFileReturnsBadRequest(): void { + $share = $this->createMock(IShare::class); + $this->shareManager->method('getShareByToken') + ->with($this->equalTo('token')) + ->willReturn($share); + + $share->method('getPermissions') + ->willReturn(Constants::PERMISSION_READ); + + $folder = $this->createMock(Folder::class); + $share->method('getNode') + ->willReturn($folder); + + $share->method('canSeeContent') + ->willReturn(true); + + $res = $this->controller->getPreview('token', '', 10, 10, true); + $expected = new DataResponse([], Http::STATUS_BAD_REQUEST); + $this->assertEquals($expected, $res); + } + + public function testPreviewFolderInvalidFileWithMimeFallbackReturnsNotFound(): void { + $share = $this->createMock(IShare::class); + $this->shareManager->method('getShareByToken') + ->with($this->equalTo('token')) + ->willReturn($share); + + $share->method('getPermissions') + ->willReturn(Constants::PERMISSION_READ); + + $folder = $this->createMock(Folder::class); + $share->method('getNode') + ->willReturn($folder); + + $share->method('canSeeContent') + ->willReturn(true); + + $folder->method('get') + ->with($this->equalTo('file')) + ->willThrowException(new NotFoundException()); + + $this->mimeIconProvider->expects($this->never()) + ->method('getMimeIconUrl'); + + $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $expected = new DataResponse([], Http::STATUS_NOT_FOUND); + $this->assertEquals($expected, $res); + } + + public function testPreviewFolderValidFileMimeFallbackRedirectsWhenPreviewMissing(): void { + $share = $this->createMock(IShare::class); + $this->shareManager->method('getShareByToken') + ->with($this->equalTo('token')) + ->willReturn($share); + + $share->method('getPermissions') + ->willReturn(Constants::PERMISSION_READ); + + $folder = $this->createMock(Folder::class); + $share->method('getNode') + ->willReturn($folder); + + $share->method('canSeeContent') + ->willReturn(true); + + $file = $this->createMock(File::class); + $folder->method('get') + ->with($this->equalTo('file')) + ->willReturn($file); + + $file->method('getMimeType') + ->willReturn('text/plain'); + + $this->previewManager->method('getPreview') + ->with($this->equalTo($file), 10, 10, false) + ->willThrowException(new NotFoundException()); + + $this->mimeIconProvider->method('getMimeIconUrl') + ->with('text/plain') + ->willReturn('/icon-url'); + + $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $expected = new RedirectResponse('/icon-url'); + $this->assertEquals($expected, $res); + } public function testPreviewFolderValidFile(): void { $share = $this->createMock(IShare::class); From 591877b20acc2cdb5fcac212aca48032cecca60b Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 29 Mar 2026 10:06:26 -0400 Subject: [PATCH 5/6] test(files_sharing): make PublicPreviewController flag usage explicit in tests Signed-off-by: Josh --- .../Controller/PublicPreviewControllerTest.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php index 0d71b12ca9637..583e773103122 100644 --- a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php +++ b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php @@ -156,7 +156,7 @@ public function testShareNoDownloadButPreviewHeader() { $preview->method('getMimeType') ->willReturn('myMime'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, true, false); $expected = new FileDisplayResponse($preview, Http::STATUS_OK, ['Content-Type' => 'myMime']); $expected->cacheFor(15 * 60); $this->assertEquals($expected, $res); @@ -192,7 +192,7 @@ public function testShareWithAttributes() { $preview->method('getMimeType') ->willReturn('myMime'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, true, false); $expected = new FileDisplayResponse($preview, Http::STATUS_OK, ['Content-Type' => 'myMime']); $expected->cacheFor(3600 * 24); $this->assertEquals($expected, $res); @@ -224,7 +224,7 @@ public function testPreviewFile() { $preview->method('getMimeType') ->willReturn('myMime'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, true, false); $expected = new FileDisplayResponse($preview, Http::STATUS_OK, ['Content-Type' => 'myMime']); $expected->cacheFor(3600 * 24); $this->assertEquals($expected, $res); @@ -250,7 +250,7 @@ public function testPreviewFolderInvalidFile(): void { ->with($this->equalTo('file')) ->willThrowException(new NotFoundException()); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, true, false); $expected = new DataResponse([], Http::STATUS_NOT_FOUND); $this->assertEquals($expected, $res); } @@ -271,7 +271,7 @@ public function testPreviewFolderEmptyFileReturnsBadRequest(): void { $share->method('canSeeContent') ->willReturn(true); - $res = $this->controller->getPreview('token', '', 10, 10, true); + $res = $this->controller->getPreview('token', '', 10, 10, false, false); $expected = new DataResponse([], Http::STATUS_BAD_REQUEST); $this->assertEquals($expected, $res); } @@ -299,7 +299,7 @@ public function testPreviewFolderInvalidFileWithMimeFallbackReturnsNotFound(): v $this->mimeIconProvider->expects($this->never()) ->method('getMimeIconUrl'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, false, true); $expected = new DataResponse([], Http::STATUS_NOT_FOUND); $this->assertEquals($expected, $res); } @@ -336,7 +336,7 @@ public function testPreviewFolderValidFileMimeFallbackRedirectsWhenPreviewMissin ->with('text/plain') ->willReturn('/icon-url'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, false, true); $expected = new RedirectResponse('/icon-url'); $this->assertEquals($expected, $res); } @@ -372,7 +372,7 @@ public function testPreviewFolderValidFile(): void { $preview->method('getMimeType') ->willReturn('myMime'); - $res = $this->controller->getPreview('token', 'file', 10, 10, true); + $res = $this->controller->getPreview('token', 'file', 10, 10, true, false); $expected = new FileDisplayResponse($preview, Http::STATUS_OK, ['Content-Type' => 'myMime']); $expected->cacheFor(3600 * 24); $this->assertEquals($expected, $res); From e281c824d8b33cd3331dc419c3da8d6827d8d3ba Mon Sep 17 00:00:00 2001 From: Josh Date: Sun, 29 Mar 2026 10:25:52 -0400 Subject: [PATCH 6/6] chore: fixup PublicPreviewControllerTest getPreview expected crop boolean Signed-off-by: Josh --- .../tests/Controller/PublicPreviewControllerTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php index 583e773103122..e8b3682f0e6c5 100644 --- a/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php +++ b/apps/files_sharing/tests/Controller/PublicPreviewControllerTest.php @@ -329,7 +329,7 @@ public function testPreviewFolderValidFileMimeFallbackRedirectsWhenPreviewMissin ->willReturn('text/plain'); $this->previewManager->method('getPreview') - ->with($this->equalTo($file), 10, 10, false) + ->with($this->equalTo($file), 10, 10, true) ->willThrowException(new NotFoundException()); $this->mimeIconProvider->method('getMimeIconUrl')