dylan.derr/Send
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

extracted server id validation

Browse source
This commit is contained in:
Danny Coates 2018-02-05 16:36:44 -08:00
parent 807c44f057
commit aae61f9451
No known key found for this signature in database
GPG key ID: 4C442633C62E00CB
15 changed files with 83 additions and 388 deletions
Download patch file Download diff file Expand all files Collapse all files

7
server/routes/pages.js
View file

@ -2,10 +2,6 @@ const routes = require('../../app/routes');
const storage = require('../storage');
const state = require('../state');
function validateID(route_id) {
return route_id.match(/^[0-9a-fA-F]{10}$/) !== null;
}
function stripEvents(str) {
// For CSP we need to remove all the event handler placeholders.
// It's ok, app.js will add them when it attaches to the DOM.
@ -23,9 +19,6 @@ module.exports = {
download: async function(req, res, next) {
const id = req.params.id;
if (!validateID(id)) {
return next();
}
try {
const { nonce, pwd } = await storage.metadata(id);