guru/uBrowserSync
guru
/
uBrowserSync
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Enforce application/json content type for request body

This commit is contained in:
Maurizio Porrato 2021-05-17 21:59:43 +01:00
parent a2935b2060
commit 496cc86933
Signed by: guru
GPG Key ID: C622977DF024AC24
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/ubsserver/main.go
View File

@ -76,7 +76,18 @@ func info(w http.ResponseWriter, req *http.Request) {
}
}
func ensureJSONRequest(w http.ResponseWriter, req *http.Request) bool {
if strings.ToLower(req.Header["Content-Type"][0]) != "application/json" {
sendJSONError(w, syncstore.RequiredDataNotFoundError)
return false
}
return true
}
func createSync(w http.ResponseWriter, req *http.Request) {
if !ensureJSONRequest(w, req) {
return
}
body := new(syncstore.CreateReq)
req.Body = http.MaxBytesReader(w, req.Body, 10000)
err := json.NewDecoder(req.Body).Decode(&body)
@ -124,6 +135,9 @@ func getVersion(syncId string, w http.ResponseWriter, _ *http.Request) {
}
func updateSync(syncId string, w http.ResponseWriter, req *http.Request) {
if !ensureJSONRequest(w, req) {
return
}
body := new(syncstore.UpdateReq)
req.Body = http.MaxBytesReader(w, req.Body, int64(10000 + maxSyncSize))
err := json.NewDecoder(req.Body).Decode(&body)

5
syncstore/errors.go
View File

@ -52,4 +52,9 @@ var (
"SyncDataLimitExceededException",
"Sync data limit exceeded",
http.StatusRequestEntityTooLarge)
RequiredDataNotFoundError = NewSyncError(
"RequiredDataNotFoundException",
"Unable to find required data",
http.StatusBadRequest)
)