Skip to content

Commit cd64b27

Browse files
Chartman123Chartman123
authored
Merge pull request #2655 from nextcloud/fix/2651
Fix: Handle invalid form hashes correctly
2 parents 49cadbd + d4ef335 commit cd64b27

2 files changed

Lines changed: 18 additions & 6 deletions

File tree

lib/Controller/PageController.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,9 +70,17 @@ public function index(?string $hash = null): TemplateResponse {
7070
$this->insertHeaderOnIos();
7171
$this->initialState->provideInitialState('maxStringLengths', Constants::MAX_STRING_LENGTHS);
7272
$this->initialState->provideInitialState('appConfig', $this->configService->getAppConfig());
73+
7374
if (isset($hash)) {
74-
$this->initialState->provideInitialState('formId', $this->formMapper->findByHash($hash)->id);
75+
try {
76+
$form = $this->formMapper->findByHash($hash);
77+
$this->initialState->provideInitialState('formId', $form->id);
78+
} catch (DoesNotExistException $e) {
79+
// Provide null to indicate no form was found
80+
$this->initialState->provideInitialState('formId', 'invalid');
81+
}
7582
}
83+
7684
return new TemplateResponse($this->appName, self::TEMPLATE_MAIN, [
7785
'id-app-content' => '#app-content-vue',
7886
'id-app-navigation' => '#app-navigation-vue',

src/Forms.vue

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -251,6 +251,11 @@ export default {
251251
252252
// If the user is allowed to access this route
253253
routeAllowed() {
254+
// Check formId from initial state on app initialization
255+
if (this.loading && loadState(appName, 'formId') === 'invalid') {
256+
return false
257+
}
258+
254259
// Not allowed, if no hash
255260
if (!this.routeHash) {
256261
return false
@@ -420,17 +425,16 @@ export default {
420425
showError(t('forms', 'Form not found'))
421426
422427
if ([403, 404].includes(error.response?.status)) {
423-
this.$router.push({ name: 'root' })
428+
if (this.$route.name !== 'root') {
429+
this.$router.push({ name: 'root' })
430+
}
424431
}
425432
}
426433
}
427434
428435
this.loading = false
429436
},
430437
431-
/**
432-
*
433-
*/
434438
async onNewForm() {
435439
try {
436440
// Request a new empty form
@@ -487,7 +491,7 @@ export default {
487491
this.forms.splice(formIndex, 1)
488492
489493
// Redirect if current form has been deleted
490-
if (deletedHash === this.routeHash) {
494+
if (deletedHash === this.routeHash && this.$route.name !== 'root') {
491495
this.$router.push({ name: 'root' })
492496
}
493497
},

0 commit comments

Comments
 (0)