Add some validation for incoming connections

author: Wim <wim@42.be> 2015-10-24 17:44:14 +0200
committer: Wim <wim@42.be> 2015-10-24 17:44:14 +0200
commit: 25d72a7e31a0d077546639f3de25d75ebb4efa14 (patch)
tree: b58aeeab93be25a50f33000a469f6a858f051f8b
parent: 523f6ffb805b5d5d8a4ebde9a174135c7fc96639 (diff)
download: matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.gz
matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.bz2
matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/matterhook/matterhook.go b/matterhook/matterhook.go
index efc77cc0..8e87cc7b 100644
--- a/matterhook/matterhook.go
+++ b/matterhook/matterhook.go
@@ -71,6 +71,11 @@ func (c *Client) StartServer() {
 
 // ServeHTTP implementation.
 func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if r.Method != "POST" {
+		log.Println("invalid " + r.Method + " connection from " + r.RemoteAddr)
+		http.NotFound(w, r)
+		return
+	}
 	msg := IMessage{}
 	err := r.ParseForm()
 	if err != nil {
@@ -86,6 +91,11 @@ func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		http.NotFound(w, r)
 		return
 	}
+	if msg.Token == "" {
+		log.Println("no token from " + r.RemoteAddr)
+		http.NotFound(w, r)
+		return
+	}
 	c.In <- msg
 }
author	Wim <wim@42.be>	2015-10-24 17:44:14 +0200
committer	Wim <wim@42.be>	2015-10-24 17:44:14 +0200
commit	25d72a7e31a0d077546639f3de25d75ebb4efa14 (patch)
tree	b58aeeab93be25a50f33000a469f6a858f051f8b
parent	523f6ffb805b5d5d8a4ebde9a174135c7fc96639 (diff)
download	matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.gz matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.bz2 matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.zip