diff options
author | Wim <wim@42.be> | 2015-10-24 17:44:14 +0200 |
---|---|---|
committer | Wim <wim@42.be> | 2015-10-24 17:44:14 +0200 |
commit | 25d72a7e31a0d077546639f3de25d75ebb4efa14 (patch) | |
tree | b58aeeab93be25a50f33000a469f6a858f051f8b | |
parent | 523f6ffb805b5d5d8a4ebde9a174135c7fc96639 (diff) | |
download | matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.gz matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.bz2 matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.zip |
Add some validation for incoming connections
-rw-r--r-- | matterhook/matterhook.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/matterhook/matterhook.go b/matterhook/matterhook.go index efc77cc0..8e87cc7b 100644 --- a/matterhook/matterhook.go +++ b/matterhook/matterhook.go @@ -71,6 +71,11 @@ func (c *Client) StartServer() { // ServeHTTP implementation. func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) { + if r.Method != "POST" { + log.Println("invalid " + r.Method + " connection from " + r.RemoteAddr) + http.NotFound(w, r) + return + } msg := IMessage{} err := r.ParseForm() if err != nil { @@ -86,6 +91,11 @@ func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) { http.NotFound(w, r) return } + if msg.Token == "" { + log.Println("no token from " + r.RemoteAddr) + http.NotFound(w, r) + return + } c.In <- msg } |