m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2024-06-30 13:41:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add share_id validation.

Browse Source
This commit is contained in:
Brian Cao 2023-05-25 16:46:37 -07:00
parent 050cd2f5d9
commit 06e6cbec9a
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/constants.ts
View File

@ -147,6 +147,8 @@ export const EVENT_COLORS = [
export const DOMAIN_REGEX =
/^(localhost(:[1-9]\d{0,4})?|((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63})$/;
export const SHARE_ID_REGEX = /^[a-zA-Z0-9]{16}$/;
export const DESKTOP_SCREEN_WIDTH = 1920;
export const LAPTOP_SCREEN_WIDTH = 1024;
export const MOBILE_SCREEN_WIDTH = 479;

5
pages/api/websites/[id]/index.ts
View File

@ -4,6 +4,7 @@ import { Website, NextApiRequestQueryBody } from 'lib/types';
import { canViewWebsite, canUpdateWebsite, canDeleteWebsite } from 'lib/auth';
import { useAuth, useCors } from 'lib/middleware';
import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
import { SHARE_ID_REGEX } from 'lib/constants';
export interface WebsiteRequestQuery {
id: string;
@ -43,6 +44,10 @@ export default async (
let website;
if (shareId && !shareId.match(SHARE_ID_REGEX)) {
return serverError(res, 'Invalid share ID.');
}
try {
website = await updateWebsite(websiteId, { name, domain, shareId });
} catch (e: any) {