diff options
| author | Lanre Adelowo <adelowomailbox@gmail.com> | 2018-09-10 15:31:08 +0100 |
|---|---|---|
| committer | techknowlogick <techknowlogick@users.noreply.github.com> | 2018-09-10 10:31:08 -0400 |
| commit | be48397945c77748d412baad3493bb5bd1c95e2a (patch) | |
| tree | d53dc2e78052588b6985400b762e994227183e76 /routers/api | |
| parent | 6e03390aa8fa096206457962db1955d642860b57 (diff) | |
| download | gitea-be48397945c77748d412baad3493bb5bd1c95e2a.tar.gz gitea-be48397945c77748d412baad3493bb5bd1c95e2a.zip | |
Slack webhook channel name cannot be empty or just contain an hashtag (#4786)
Diffstat (limited to 'routers/api')
| -rw-r--r-- | routers/api/v1/utils/hook.go | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/routers/api/v1/utils/hook.go b/routers/api/v1/utils/hook.go index d0538ec54f..380dc886a5 100644 --- a/routers/api/v1/utils/hook.go +++ b/routers/api/v1/utils/hook.go @@ -5,14 +5,16 @@ package utils import ( - api "code.gitea.io/sdk/gitea" - "encoding/json" "net/http" + "strings" "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/routers/api/v1/convert" + "code.gitea.io/gitea/routers/utils" + api "code.gitea.io/sdk/gitea" + "github.com/Unknwon/com" ) @@ -119,8 +121,14 @@ func addHook(ctx *context.APIContext, form *api.CreateHookOption, orgID, repoID ctx.Error(422, "", "Missing config option: channel") return nil, false } + + if !utils.IsValidSlackChannel(channel) { + ctx.Error(400, "", "Invalid slack channel name") + return nil, false + } + meta, err := json.Marshal(&models.SlackMeta{ - Channel: channel, + Channel: strings.TrimSpace(channel), Username: form.Config["username"], IconURL: form.Config["icon_url"], Color: form.Config["color"], |