commit 25d72a7e31a0d077546639f3de25d75ebb4efa14
Author: Wim <wim@42.be>
Date: Sat Oct 24 17:44:14 2015 +0000
Add some validation for incoming connections
diff --git a/matterhook/matterhook.go b/matterhook/matterhook.go
index efc77cc..8e87cc7 100644
--- a/matterhook/matterhook.go
+++ b/matterhook/matterhook.go
@@ -716 +7111 @@ func (c *Client) StartServer() {
// ServeHTTP implementation.
func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+ if r.Method != "POST" {
+ log.Println("invalid " + r.Method + " connection from " + r.RemoteAddr)
+ http.NotFound(w, r)
+ return
+ }
msg := IMessage{}
err := r.ParseForm()
if err != nil {
@@ -866 +9111 @@ func (c *Client) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http.NotFound(w, r)
return
}
+ if msg.Token == "" {
+ log.Println("no token from " + r.RemoteAddr)
+ http.NotFound(w, r)
+ return
+ }
c.In <- msg
}
