mirror of
https://github.com/strukturag/nextcloud-spreed-signaling
synced 2024-04-27 11:41:52 +02:00
Make sure room ids for dial-out are numeric.
This commit is contained in:
parent
fdb4d74dd6
commit
e333ddfd53
|
@ -36,6 +36,7 @@ import (
|
|||
"net/http"
|
||||
"net/url"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"strings"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
|
@ -669,11 +670,21 @@ func returnDialoutError(status int, err *Error) (any, error) {
|
|||
return response, nil
|
||||
}
|
||||
|
||||
var checkNumeric = regexp.MustCompile(`^[0-9]+$`)
|
||||
|
||||
func isNumeric(s string) bool {
|
||||
return checkNumeric.MatchString(s)
|
||||
}
|
||||
|
||||
func (b *BackendServer) startDialout(roomid string, backend *Backend, request *BackendServerRoomRequest) (any, error) {
|
||||
if err := request.Dialout.ValidateNumber(); err != nil {
|
||||
return returnDialoutError(http.StatusBadRequest, err)
|
||||
}
|
||||
|
||||
if !isNumeric(roomid) {
|
||||
return returnDialoutError(http.StatusBadRequest, NewError("invalid_roomid", "The room id must be numeric."))
|
||||
}
|
||||
|
||||
var session *ClientSession
|
||||
for s := range b.hub.dialoutSessions {
|
||||
if s.GetClient() != nil {
|
||||
|
|
|
@ -1760,3 +1760,32 @@ func TestBackendServer_StatsAllowedIps(t *testing.T) {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
func Test_IsNumeric(t *testing.T) {
|
||||
numeric := []string{
|
||||
"0",
|
||||
"1",
|
||||
"12345",
|
||||
}
|
||||
nonNumeric := []string{
|
||||
"",
|
||||
" ",
|
||||
" 0",
|
||||
"0 ",
|
||||
" 0 ",
|
||||
"-1",
|
||||
"1.2",
|
||||
"1a",
|
||||
"a1",
|
||||
}
|
||||
for _, s := range numeric {
|
||||
if !isNumeric(s) {
|
||||
t.Errorf("%s should be numeric", s)
|
||||
}
|
||||
}
|
||||
for _, s := range nonNumeric {
|
||||
if isNumeric(s) {
|
||||
t.Errorf("%s should not be numeric", s)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue