diff options
| author | Joas Schilling <coding@schilljs.com> | 2021-09-13 14:10:05 +0300 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2021-09-17 09:53:10 +0300 |
| commit | 11903a58d39438099be4472549f8feb6f28f0a56 (patch) | |
| tree | 211f4e74df570f76570971da3b98b29abfee704b /lib/Controller/ChatController.php | |
| parent | e1b24233569744c9920689921c9cd79509d0a436 (diff) | |
Add some validation to the geo location id
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/Controller/ChatController.php')
| -rw-r--r-- | lib/Controller/ChatController.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/Controller/ChatController.php b/lib/Controller/ChatController.php index 2e22a1cd9..0084240b7 100644 --- a/lib/Controller/ChatController.php +++ b/lib/Controller/ChatController.php @@ -291,6 +291,11 @@ class ChatController extends AEnvironmentAwareController { return new DataResponse([], Http::STATUS_BAD_REQUEST); } + if ($data['type'] === 'geo-location' + && !preg_match(ChatManager::GEO_LOCATION_VALIDATOR, $data['id'])) { + return new DataResponse([], Http::STATUS_BAD_REQUEST); + } + $this->participantService->ensureOneToOneRoomIsFilled($this->room); $creationDateTime = $this->timeFactory->getDateTime('now', new \DateTimeZone('UTC')); |