Merge pull request #3042 from nextcloud/bugfix/noid/mark-sensitive-pa…
…rameter-as-such
juliushaertl authored Jul 17, 2023
2 parents 375f40b + 6f3f8b8 commit 64dda2e
Showing 3 changed files with 17 additions and 2 deletions.
5 changes: 5 additions & 0 deletions lib/AppInfo/Application.php
Expand Up @@ -27,6 +27,7 @@
use OCA\Files_Sharing\Event\ShareLinkAccessedEvent;
use OCA\Richdocuments\AppConfig;
use OCA\Richdocuments\Capabilities;
use OCA\Richdocuments\Db\WopiMapper;
use OCA\Richdocuments\Listener\BeforeFetchPreviewListener;
use OCA\Richdocuments\Listener\CSPListener;
use OCA\Richdocuments\Listener\FileCreatedFromTemplateListener;
Expand Down Expand Up @@ -80,6 +81,10 @@ public function register(IRegistrationContext $context): void {
$context->registerEventListener(BeforePreviewFetchedEvent::class, BeforeFetchPreviewListener::class);
$context->registerEventListener(RenderReferenceEvent::class, ReferenceListener::class);
$context->registerReferenceProvider(OfficeTargetReferenceProvider::class);
$context->registerSensitiveMethods(WopiMapper::class, [
'getPathForToken',
'getWopiForToken',
]);
}

public function boot(IBootContext $context): void {
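Review bot: The `registerSensitiveMethods` call in `register()` names the two `WopiMapper` methods as bare strings, so a later rename or a newly added token-taking method in that class would fall out of the redaction list without any error. A short comment above the call would make the coupling visible, for example `// WOPI access tokens must not reach logged stack traces; keep this list in sync with the #[\SensitiveParameter] methods in WopiMapper`. Only these two methods are visible on this page; whether other classes also receive the raw token as an argument, and would therefore show up in the same traces, cannot be told from here and is worth checking.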
10 changes: 8 additions & 2 deletions lib/Db/WopiMapper.php
Expand Up @@ -122,7 +122,10 @@ public function generateInitiatorToken($uid, $remoteServer) {
* @throws ExpiredTokenException
* @throws UnknownTokenException
*/
public function getPathForToken($token) {
public function getPathForToken(
#[\SensitiveParameter]
$token
): Wopi {
return $this->getWopiForToken($token);
}

Expand All @@ -136,7 +139,10 @@ public function getPathForToken($token) {
* @throws UnknownTokenException
* @throws ExpiredTokenException
*/
public function getWopiForToken($token) {
public function getWopiForToken(
#[\SensitiveParameter]
string $token
): Wopi {
$qb = $this->db->getQueryBuilder();
$qb->select('*')
->from('richdocuments_wopi')
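Review bot: `getPathForToken` leaves `$token` untyped while `getWopiForToken`, which it forwards to, now declares `string $token`; the two signatures should agree, i.e. `string $token` in both. The added `string` and `: Wopi` declarations are also a behaviour change beyond the redaction, since a caller passing a non-string token may now get a `TypeError` instead of the documented `UnknownTokenException` — presumably acceptable, but worth confirming against the callers. Note too that `#[\SensitiveParameter]` only hides the argument in stack traces, and only on PHP 8.2 and later; the body of `getWopiForToken` continues outside the hunk, so any exception message or log line there that embeds the token would need its own check.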
4 changes: 4 additions & 0 deletions tests/stub.phpstub
Expand Up @@ -89,3 +89,7 @@ namespace Symfony\Component\HttpFoundation {
public static function checkIp(?string $requestIp, $ips) {}
}
}

#[\Attribute(Attribute::TARGET_PARAMETER)]
class SensitiveParameter {
}
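Review bot: The stub class `SensitiveParameter` is declared after the closing brace of `namespace Symfony\Component\HttpFoundation { … }`, that is, outside any namespace block in a file that uses the bracketed form; PHP itself does not allow code outside the brackets in such a file, and a static-analysis parser may either report or silently tolerate it. Wrapping the declaration as `namespace { #[\Attribute(\Attribute::TARGET_PARAMETER)] final class SensitiveParameter {} }` keeps the file well-formed. Declaring it `final`, as the built-in class is, also stops analysis from accepting subclasses that would fail on PHP 8.2. Only the end of the stub file is visible, so this assumes the rest of it uses bracketed namespaces throughout.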
