Gracefully handle `IllegalLinkException` in API actions

diff --git a/wcfsetup/install/files/lib/action/ApiAction.class.php b/wcfsetup/install/files/lib/action/ApiAction.class.php
index 8d3a57b6c4e3f15fd1f56af7dea583771f66bf37..9bbbe0681fb1fa8021524867c72b06b0244cb445 100644 (file)
--- a/wcfsetup/install/files/lib/action/ApiAction.class.php
+++ b/wcfsetup/install/files/lib/action/ApiAction.class.php
@@ -17,6 +17,7 @@ use wcf\system\endpoint\IController;
 use wcf\system\endpoint\RequestFailure;
 use wcf\system\endpoint\RequestType;
 use wcf\system\event\EventHandler;
+use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\request\RouteHandler;
@@ -95,6 +96,8 @@ final class ApiAction implements RequestHandlerInterface
             return $this->toErrorResponse(RequestFailure::PermissionDenied, 'permission_denied');
         } catch (UserInputException $e) {
             return $this->toErrorResponse(RequestFailure::ValidationFailed, $e->getType(), $e->getMessage(), $e->getField());
+        } catch (IllegalLinkException) {
+            return $this->toErrorResponse(RequestFailure::ValidationFailed, 'assertion_failed');
         } catch (\Throwable $e) {
             logThrowable($e);