summaryrefslogtreecommitdiffstats
path: root/matterhook
diff options
context:
space:
mode:
authorWim <wim@42.be>2015-10-24 17:44:14 +0200
committerWim <wim@42.be>2015-10-24 17:44:14 +0200
commit25d72a7e31a0d077546639f3de25d75ebb4efa14 (patch)
treeb58aeeab93be25a50f33000a469f6a858f051f8b /matterhook
parent523f6ffb805b5d5d8a4ebde9a174135c7fc96639 (diff)
downloadmatterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.gz
matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.tar.bz2
matterbridge-msglm-25d72a7e31a0d077546639f3de25d75ebb4efa14.zip
Add some validation for incoming connections
Diffstat (limited to 'matterhook')
-rw-r--r--matterhook/matterhook.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/matterhook/matterhook.go b/matterhook/matterhook.go
index efc77cc0..8e87cc7b 100644
--- a/matterhook/matterhook.go
+++ b/matterhook/matterhook.go
@@ -71,6 +71,11 @@ func (c *Client) StartServer() {
// ServeHTTP implementation.
func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+ if r.Method != "POST" {
+ log.Println("invalid " + r.Method + " connection from " + r.RemoteAddr)
+ http.NotFound(w, r)
+ return
+ }
msg := IMessage{}
err := r.ParseForm()
if err != nil {
@@ -86,6 +91,11 @@ func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http.NotFound(w, r)
return
}
+ if msg.Token == "" {
+ log.Println("no token from " + r.RemoteAddr)
+ http.NotFound(w, r)
+ return
+ }
c.In <- msg
}