aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2023-02-27 09:44:03 +0100
committerChocobozzz <me@florianbigard.com>2023-02-27 09:44:03 +0100
commitd7ce9dca613d96889baa0c93063806268f68cce5 (patch)
treeba453ee3ff972b8838ff94006bfae9a3e1123a59 /server/middlewares
parent4765348107ddd21cd2a0b86093859aa2e23ac0f1 (diff)
downloadPeerTube-d7ce9dca613d96889baa0c93063806268f68cce5.tar.gz
PeerTube-d7ce9dca613d96889baa0c93063806268f68cce5.tar.zst
PeerTube-d7ce9dca613d96889baa0c93063806268f68cce5.zip
Add additional check for playlistName
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/validators/static.ts6
1 files changed, 5 insertions, 1 deletions
diff --git a/server/middlewares/validators/static.ts b/server/middlewares/validators/static.ts
index d3d307787..45d56bcd6 100644
--- a/server/middlewares/validators/static.ts
+++ b/server/middlewares/validators/static.ts
@@ -2,7 +2,7 @@ import express from 'express'
2import { query } from 'express-validator' 2import { query } from 'express-validator'
3import LRUCache from 'lru-cache' 3import LRUCache from 'lru-cache'
4import { basename, dirname } from 'path' 4import { basename, dirname } from 'path'
5import { exists, isUUIDValid, toBooleanOrNull } from '@server/helpers/custom-validators/misc' 5import { exists, isSafePeerTubeFilenameWithoutExtension, isUUIDValid, toBooleanOrNull } from '@server/helpers/custom-validators/misc'
6import { logger } from '@server/helpers/logger' 6import { logger } from '@server/helpers/logger'
7import { LRU_CACHE } from '@server/initializers/constants' 7import { LRU_CACHE } from '@server/initializers/constants'
8import { VideoModel } from '@server/models/video/video' 8import { VideoModel } from '@server/models/video/video'
@@ -69,6 +69,10 @@ const ensureCanAccessPrivateVideoHLSFiles = [
69 .customSanitizer(toBooleanOrNull) 69 .customSanitizer(toBooleanOrNull)
70 .isBoolean().withMessage('Should be a valid reinjectVideoFileToken boolean'), 70 .isBoolean().withMessage('Should be a valid reinjectVideoFileToken boolean'),
71 71
72 query('playlistName')
73 .optional()
74 .customSanitizer(isSafePeerTubeFilenameWithoutExtension),
75
72 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 76 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
73 if (areValidationErrors(req, res)) return 77 if (areValidationErrors(req, res)) return
74 78