diff --git a/apps/files_sharing/lib/Controller/PublicPreviewController.php b/apps/files_sharing/lib/Controller/PublicPreviewController.php index 9056161af84fe..f51b10688f240 100644 --- a/apps/files_sharing/lib/Controller/PublicPreviewController.php +++ b/apps/files_sharing/lib/Controller/PublicPreviewController.php @@ -59,12 +59,14 @@ protected function isPasswordProtected(): bool { return $this->share->getPassword() !== null; } - /** - * Get a preview for a shared file + * Get a preview for a public share. + * + * For shares pointing to a single file, the $file parameter is ignored and may be empty. + * For folder shares, $file must be the relative path to a file inside the shared folder. * * @param string $token Token of the share - * @param string $file File in the share + * @param string $file Relative path to a file inside a shared folder; ignored for single-file shares * @param int $x Width of the preview * @param int $y Height of the preview * @param bool $a Whether to not crop the preview @@ -122,19 +124,22 @@ public function getPreview( try { $node = $share->getNode(); if ($node instanceof Folder) { - $file = $node->get($file); + if ($file === '') { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + $fileNode = $node->get($file); } else { - $file = $node; + $fileNode = $node; } - $f = $this->previewManager->getPreview($file, $x, $y, !$a); + $f = $this->previewManager->getPreview($fileNode, $x, $y, !$a); $response = new FileDisplayResponse($f, Http::STATUS_OK, ['Content-Type' => $f->getMimeType()]); $response->cacheFor($cacheForSeconds); return $response; } catch (NotFoundException $e) { // If we have no preview enabled, we can redirect to the mime icon if any - if ($mimeFallback) { - if ($url = $this->mimeIconProvider->getMimeIconUrl($file->getMimeType())) { + if ($mimeFallback && isset($fileNode) && !($fileNode instanceof Folder)) { + if ($url = $this->mimeIconProvider->getMimeIconUrl($fileNode->getMimeType())) { return new RedirectResponse($url); } }