aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tools
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2022-11-15 14:41:55 +0100
committerChocobozzz <me@florianbigard.com>2022-11-15 14:41:55 +0100
commit4638cd713dcdd007cd7f49b9a95fa62ac7823e7c (patch)
tree3e341c6ebbd1ce9e2bbacd72e7e3793e0bd467c2 /server/tools
parent6bcb559fc9a491fc3ce83e7c077ee9dc742b1d63 (diff)
downloadPeerTube-4638cd713dcdd007cd7f49b9a95fa62ac7823e7c.tar.gz
PeerTube-4638cd713dcdd007cd7f49b9a95fa62ac7823e7c.tar.zst
PeerTube-4638cd713dcdd007cd7f49b9a95fa62ac7823e7c.zip
Don't inject untrusted input
Even if it's already checked in middlewares It's better to have safe modals too
Diffstat (limited to 'server/tools')
-rw-r--r--server/tools/peertube-redundancy.ts4
1 files changed, 2 insertions, 2 deletions
diff --git a/server/tools/peertube-redundancy.ts b/server/tools/peertube-redundancy.ts
index 4bb9fbc5a..5c82fa420 100644
--- a/server/tools/peertube-redundancy.ts
+++ b/server/tools/peertube-redundancy.ts
@@ -2,7 +2,7 @@ import CliTable3 from 'cli-table3'
2import { Command, program } from 'commander' 2import { Command, program } from 'commander'
3import { URL } from 'url' 3import { URL } from 'url'
4import validator from 'validator' 4import validator from 'validator'
5import { uniqify } from '@shared/core-utils' 5import { forceNumber, uniqify } from '@shared/core-utils'
6import { HttpStatusCode, VideoRedundanciesTarget } from '@shared/models' 6import { HttpStatusCode, VideoRedundanciesTarget } from '@shared/models'
7import { assignToken, buildServer, getServerCredentials } from './cli' 7import { assignToken, buildServer, getServerCredentials } from './cli'
8 8
@@ -138,7 +138,7 @@ async function removeRedundancyCLI (options: { video: number }, command: Command
138 process.exit(-1) 138 process.exit(-1)
139 } 139 }
140 140
141 const videoId = parseInt(options.video + '', 10) 141 const videoId = forceNumber(options.video)
142 142
143 const myVideoRedundancies = await server.redundancy.listVideos({ target: 'my-videos' }) 143 const myVideoRedundancies = await server.redundancy.listVideos({ target: 'my-videos' })
144 let videoRedundancy = myVideoRedundancies.data.find(r => videoId === r.id) 144 let videoRedundancy = myVideoRedundancies.data.find(r => videoId === r.id)