diff options
author | Marius David Wieschollek <passwords.public@mdns.eu> | 2020-01-27 18:38:51 +0300 |
---|---|---|
committer | Marius David Wieschollek <passwords.public@mdns.eu> | 2020-01-27 18:38:51 +0300 |
commit | 6ddaecfef58e49140b7b41e4749145e333628b26 (patch) | |
tree | c61627ba63e9ba5a067ca3c234c55ddfb8913b1d /src | |
parent | ae7a94f8068705ba093965479caad275f08a3536 (diff) |
Restrict client message types
Diffstat (limited to 'src')
-rw-r--r-- | src/js/Services/MessageService.js | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/js/Services/MessageService.js b/src/js/Services/MessageService.js index 7570d7a..aeaa8d8 100644 --- a/src/js/Services/MessageService.js +++ b/src/js/Services/MessageService.js @@ -202,7 +202,8 @@ class MessageService { * @private */ _receiveMessage(data, sender = null) { - let message = this._createMessageFromJSON(data); + let isFromTab = sender !== null && sender.hasOwnProperty('tab'), + message = this._createMessageFromJSON(data, isFromTab); if(!message) return; return new Promise( @@ -228,10 +229,11 @@ class MessageService { /** * * @param {String} data + * @param {Boolean} fromTab * @returns {(Message|void)} * @private */ - _createMessageFromJSON(data) { + _createMessageFromJSON(data, fromTab = false) { let message = new Message(JSON.parse(data)); if(message.getReceiver() !== null && message.getReceiver() !== this._sender) { @@ -239,11 +241,28 @@ class MessageService { return; } + if(fromTab && this._checkClientRestrictions(message)) { + console.debug('message.rejected', message); + return; + } + return message; } /** * + * @param {Message} message + * @returns {Boolean} + * @private + */ + _checkClientRestrictions(message) { + return message.getSender() !== 'client' || + (message.getType() !== 'password.mine' && message.getType() !== 'queue.items') || + (message.getType() === 'queue.items' && message.getPayload().name !== 'error'); + } + + /** + * * @returns {(Message|void)} * @private */ |