Raise 400 on invalid request to '/feed/webhook'

author: Omar Roth <omarroth@protonmail.com> 2019-07-10 11:22:10 -0500
committer: Omar Roth <omarroth@protonmail.com> 2019-07-10 11:26:05 -0500
commit: bb096a0357fa7481e3c149cba65056595622ac6c (patch)
tree: cf02f98aa176b9de95ca50c5dce20bd5d6ffba46
parent: 3c226892c619914f2d6bf6ca8b43eda356dfd522 (diff)
download: invidious-bb096a0357fa7481e3c149cba65056595622ac6c.tar.gz
invidious-bb096a0357fa7481e3c149cba65056595622ac6c.tar.bz2
invidious-bb096a0357fa7481e3c149cba65056595622ac6c.zip
1 files changed, 12 insertions, 3 deletions
diff --git a/src/invidious.cr b/src/invidious.cr
index ba7e65b5..8d5ed886 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -2656,9 +2656,18 @@ end
 get "/feed/webhook/:token" do |env|
   verify_token = env.params.url["token"]
 
-  mode = env.params.query["hub.mode"]
-  topic = env.params.query["hub.topic"]
-  challenge = env.params.query["hub.challenge"]
+  mode = env.params.query["hub.mode"]?
+  topic = env.params.query["hub.topic"]?
+  challenge = env.params.query["hub.challenge"]?
+
+  if !mode || !topic || !challenge
+    env.response.status_code = 400
+    next
+  else
+    mode = mode.not_nil!
+    topic = topic.not_nil!
+    challenge = challenge.not_nil!
+  end
 
   case verify_token
   when .starts_with? "v1"
author	Omar Roth <omarroth@protonmail.com>	2019-07-10 11:22:10 -0500
committer	Omar Roth <omarroth@protonmail.com>	2019-07-10 11:26:05 -0500
commit	bb096a0357fa7481e3c149cba65056595622ac6c (patch)
tree	cf02f98aa176b9de95ca50c5dce20bd5d6ffba46
parent	3c226892c619914f2d6bf6ca8b43eda356dfd522 (diff)
download	invidious-bb096a0357fa7481e3c149cba65056595622ac6c.tar.gz invidious-bb096a0357fa7481e3c149cba65056595622ac6c.tar.bz2 invidious-bb096a0357fa7481e3c149cba65056595622ac6c.zip