
allow only dashes and alphanumeric for node and ext client names

Anish Mukherjee 2 years ago
parent
commit
8cbe7cb186
3 changed files with 32 additions and 0 deletions
  1. 8 0
      controllers/ext_client.go
  2. 8 0
      controllers/node.go
  3. 16 0
      controllers/regex.go

+ 8 - 0
controllers/ext_client.go

@@ -320,6 +320,10 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
 	err := json.NewDecoder(r.Body).Decode(&CustomExtClient)
 
 	if err == nil {
+		if !validName(CustomExtClient.ClientID) {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidExtClientID, "badrequest"))
+			return
+		}
 		extclient.ClientID = CustomExtClient.ClientID
 	}
 
@@ -413,6 +417,10 @@ func updateExtClient(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}
+	if !validName(newExtClient.ClientID) {
+		logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidExtClientID, "badrequest"))
+		return
+	}
 	data, err := database.FetchRecord(database.EXT_CLIENT_TABLE_NAME, key)
 	if err != nil {
 		logger.Log(0, r.Header.Get("user"),
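Review bot: In the `createExtClient` hunk the new check sits inside `if err == nil`, so a body that decodes cleanly but carries no client ID (for example `{}`) now fails with a bad-request error, because `validName("")` is false. If an empty `ClientID` used to mean "generate one for me" further down the handler (not visible in this hunk), this turns a supported call into an error. Validating only a supplied value would keep that path: `if CustomExtClient.ClientID != "" && !validName(CustomExtClient.ClientID) {`. Both handlers continue outside the hunks shown, so the later use of the ID should be confirmed against the full function.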

+ 8 - 0
controllers/node.go

@@ -538,6 +538,10 @@ func createNode(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
+	if !validName(node.Name) {
+		logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidNodeName, "badrequest"))
+		return
+	}
 
 	node.Network = networkName
 
@@ -911,6 +915,10 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
+	if !validName(newNode.Name) {
+		logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidNodeName, "badrequest"))
+		return
+	}
 	relayupdate := false
 	if node.IsRelay == "yes" && len(newNode.RelayAddrs) > 0 {
 		if len(newNode.RelayAddrs) != len(node.RelayAddrs) {
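Review bot: The check in `updateNode` rejects every update whose payload name fails the pattern, including updates to nodes stored before this commit whose names contain dots, underscores or spaces. Such a node could then not have any other field changed until it is renamed, and the same applies to the `updateExtClient` check in controllers/ext_client.go. Either migrate existing names when this ships, or validate only when the name actually changes, e.g. `if newNode.Name != node.Name && !validName(newNode.Name) {` (assuming `node` is the stored record, as the relay comparison below suggests). The second option leaves old non-conforming names in place, so anything downstream that relies on the restricted character set still has to tolerate them. `updateNode` starts and ends outside this hunk.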

+ 16 - 0
controllers/regex.go

@@ -0,0 +1,16 @@
+package controller
+
+import (
+	"errors"
+	"regexp"
+)
+
+var (
+	errInvalidNodeName    = errors.New("Node name must be alphanumderic and/or dashes")
+	errInvalidExtClientID = errors.New("Ext client ID must be alphanumderic and/or dashes")
+)
+
+// allow only dashes and alphaneumeric for ext client and node names
+func validName(name string) bool {
+	return regexp.MustCompile("^[a-zA-Z0-9-]+$").MatchString(name)
+}
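Review bot: `validName` recompiles the pattern on every request; compile it once at package scope with `var validNameRegex = regexp.MustCompile("^[a-zA-Z0-9-]+$")` and have the function return `validNameRegex.MatchString(name)`. Both error strings misspell "alphanumeric" as "alphanumderic" (the comment has "alphaneumeric"), and Go convention is lowercase error text, e.g. `errors.New("node name must be alphanumeric and/or dashes")`. The pattern sets no upper bound on length and accepts a leading or trailing dash. If these names end up in DNS labels, file names or interface names (not visible here), a length cap and a first-character rule belong in this same check.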