nextcloud
/
server
mirror of https://github.com/nextcloud/server
0
0
Fork 0
Code Issues Releases Wiki Activity

Do not redirect if requested CSS can not be found 

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
Christoph Wurst 2022-07-08 18:28:14 +02:00
parent fe2f8b5d18
commit a1149b0378
No known key found for this signature in database
GPG Key ID: CC42AC2A7F0E56D8
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/base.php
View File

@ -1055,6 +1055,15 @@ class OC {
return;
}
// Handle resources that can't be found
// This prevents browsers from redirecting to the default page and then
// attempting to parse HTML as CSS and similar.
$destinationHeader = $request->getHeader('Sec-Fetch-Dest');
if (in_array($destinationHeader, ['font', 'script', 'style'])) {
http_response_code(404);
return;
}
// Someone is logged in
if (\OC::$server->getUserSession()->isLoggedIn()) {
OC_App::loadApps();