Do more validation of incoming request
This commit is contained in:
parent
8bad40701b
commit
57976f646f
|
@ -316,11 +316,11 @@ class RegisterRestServlet(ClientV1RestServlet):
|
||||||
def _do_shared_secret(self, request, register_json, session):
|
def _do_shared_secret(self, request, register_json, session):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
|
|
||||||
if "mac" not in register_json:
|
if not isinstance(register_json.get("mac", None), basestring):
|
||||||
raise SynapseError(400, "Expected mac.")
|
raise SynapseError(400, "Expected mac.")
|
||||||
if "user" not in register_json:
|
if not isinstance(register_json.get("user", None), basestring):
|
||||||
raise SynapseError(400, "Expected 'user' key.")
|
raise SynapseError(400, "Expected 'user' key.")
|
||||||
if "password" not in register_json:
|
if not isinstance(register_json.get("password", None), basestring):
|
||||||
raise SynapseError(400, "Expected 'password' key.")
|
raise SynapseError(400, "Expected 'password' key.")
|
||||||
|
|
||||||
if not self.hs.config.registration_shared_secret:
|
if not self.hs.config.registration_shared_secret:
|
||||||
|
|
Loading…
Reference in New Issue