From dfd299d4697a629f09ef20fc05c6d9e474bd5475 Mon Sep 17 00:00:00 2001 From: HampusM Date: Sun, 15 Aug 2021 15:29:53 +0200 Subject: Improved route parameter validation --- packages/server/src/routes/api/v1/repo/branches.ts | 5 +++++ packages/server/src/routes/api/v1/repo/index.ts | 10 +++++----- packages/server/src/routes/api/v1/repo/log.ts | 7 ++++++- 3 files changed, 16 insertions(+), 6 deletions(-) (limited to 'packages/server/src/routes/api/v1/repo') diff --git a/packages/server/src/routes/api/v1/repo/branches.ts b/packages/server/src/routes/api/v1/repo/branches.ts index c36463d..99f0327 100644 --- a/packages/server/src/routes/api/v1/repo/branches.ts +++ b/packages/server/src/routes/api/v1/repo/branches.ts @@ -24,6 +24,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do fastify.route({ method: "GET", url: "/branches/:branch", + schema: { + params: { + branch: { type: "string" } + } + }, handler: async(req, reply) => { const branch = await Branch.lookup(req.repository, req.params.branch); diff --git a/packages/server/src/routes/api/v1/repo/index.ts b/packages/server/src/routes/api/v1/repo/index.ts index 059a9d4..4cd6c51 100644 --- a/packages/server/src/routes/api/v1/repo/index.ts +++ b/packages/server/src/routes/api/v1/repo/index.ts @@ -103,6 +103,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do fastify.route({ method: "GET", url: "/tree/history", + schema: { + querystring: { + path: { type: "string" } + } + }, handler: async(req, reply) => { const tree = await req.repository.tree().catch((err: ServerError) => err); @@ -111,11 +116,6 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do return; } - if(Object.keys(req.query).length === 0) { - reply.code(400).send({ error: "Missing query parameter 'path'!" }); - return; - } - const tree_path = req.query.path; const tree_entry = await tree.find(tree_path).catch((err: ServerError) => err); diff --git a/packages/server/src/routes/api/v1/repo/log.ts b/packages/server/src/routes/api/v1/repo/log.ts index edca0b3..163cf80 100644 --- a/packages/server/src/routes/api/v1/repo/log.ts +++ b/packages/server/src/routes/api/v1/repo/log.ts @@ -23,7 +23,7 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do url: "/log", schema: { querystring: { - count: { type: "number" } + count: { type: "number", minimum: 1 } } }, handler: async(req, reply) => { @@ -38,6 +38,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do fastify.route({ method: "GET", url: "/log/:commit", + schema: { + params: { + commit: { type: "string" } + } + }, handler: async(req, reply) => { const commit_verification = await verifySHA(req.repository, req.params.commit); if(commit_verification.success === false && commit_verification.code) { -- cgit v1.2.3-18-g5258