Mirrors/cobalt
1
0
Fork 0
mirror of https://github.com/wukko/cobalt.git synced 2024-11-15 12:50:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

web/onDemand: check blockId is string, early return if not

Browse source
This commit is contained in:
dumbmoron 2024-07-06 08:59:02 +00:00
parent 479e14778d
commit 315ddb17c1
No known key found for this signature in database
1 changed files with 35 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/core/web.js
View file

@ -26,7 +26,13 @@ export async function runWeb(express, app, gitCommit, gitBranch, __dirname) {
app.get('/onDemand', (req, res) => { app.get('/onDemand', (req, res) => {
try { try {
if (req.query.blockId) { if (typeof req.query.blockId !== 'string') {
return res.status(400).json({
status: "error",
text: "couldn't render this block, please try again!"
});
}
let blockId = req.query.blockId.slice(0, 3); let blockId = req.query.blockId.slice(0, 3);
let blockData; let blockData;
switch(blockId) { switch(blockId) {
@ -54,17 +60,12 @@ export async function runWeb(express, app, gitCommit, gitBranch, __dirname) {
}) })
break; break;
} }
if (blockData?.body) { if (blockData?.body) {
return res.status(blockData.status).json(blockData.body); return res.status(blockData.status).json(blockData.body);
} else { } else {
return res.status(204).end(); return res.status(204).end();
} }
} else {
return res.status(400).json({
status: "error",
text: "couldn't render this block, please try again!"
});
}
} catch { } catch {
return res.status(400).json({ return res.status(400).json({
status: "error", status: "error",