oss/wallabag
oss/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-09-15 18:57:05 +00:00
Code Wiki Activity

Prepare 2.5.3

Browse source
This commit is contained in:
Jeremy Benoist 2023-02-01 09:51:02 +01:00
parent 5ac6b6bff9
commit b795622f06
No known key found for this signature in database
GPG key ID: 7168D5DD29F38552
5 changed files with 60 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/Wallabag/CoreBundle/Controller/ExportController.php
View file

@ -25,17 +25,17 @@ class ExportController extends Controller
*
* @return \Symfony\Component\HttpFoundation\Response
*/
public function downloadEntryAction(Request $request, $format)
public function downloadEntryAction(Request $request, $format, $id)
{
try {
try {
$entry = $this->get('wallabag_core.entry_repository')
->find((int) $request->query->get('id'));
->find((int) $id);
/**
/*
* We duplicate EntryController::checkUserAction here as a quick fix for an improper authorization vulnerability
*
* This should be eventually rewritten
*/
*/
if (null === $entry || null === $this->getUser() || $this->getUser()->getId() !== $entry->getUser()->getId()) {
throw new NotFoundHttpException();
}