From: Alexander Ebert <ebert@woltlab.com>
Date: Mon, 23 Sep 2024 08:52:50 +0000 (+0200)
Subject: Gracefully handle `IllegalLinkException` in API actions
X-Git-Tag: 6.1.0_Beta_2~28^2
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=baa343dd9748580206b8fcf5f4153208c48d5d85;p=GitHub%2FWoltLab%2FWCF.git

Gracefully handle `IllegalLinkException` in API actions
---

diff --git a/wcfsetup/install/files/lib/action/ApiAction.class.php b/wcfsetup/install/files/lib/action/ApiAction.class.php
index 8d3a57b6c4..9bbbe0681f 100644
--- a/wcfsetup/install/files/lib/action/ApiAction.class.php
+++ b/wcfsetup/install/files/lib/action/ApiAction.class.php
@@ -17,6 +17,7 @@ use wcf\system\endpoint\IController;
 use wcf\system\endpoint\RequestFailure;
 use wcf\system\endpoint\RequestType;
 use wcf\system\event\EventHandler;
+use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\request\RouteHandler;
@@ -95,6 +96,8 @@ final class ApiAction implements RequestHandlerInterface
             return $this->toErrorResponse(RequestFailure::PermissionDenied, 'permission_denied');
         } catch (UserInputException $e) {
             return $this->toErrorResponse(RequestFailure::ValidationFailed, $e->getType(), $e->getMessage(), $e->getField());
+        } catch (IllegalLinkException) {
+            return $this->toErrorResponse(RequestFailure::ValidationFailed, 'assertion_failed');
         } catch (\Throwable $e) {
             logThrowable($e);