Do more validation of incoming request

pull/109/head
Erik Johnston 2015-03-18 11:30:04 +00:00
parent 8bad40701b
commit 57976f646f
1 changed files with 3 additions and 3 deletions

View File

@ -316,11 +316,11 @@ class RegisterRestServlet(ClientV1RestServlet):
def _do_shared_secret(self, request, register_json, session): def _do_shared_secret(self, request, register_json, session):
yield run_on_reactor() yield run_on_reactor()
if "mac" not in register_json: if not isinstance(register_json.get("mac", None), basestring):
raise SynapseError(400, "Expected mac.") raise SynapseError(400, "Expected mac.")
if "user" not in register_json: if not isinstance(register_json.get("user", None), basestring):
raise SynapseError(400, "Expected 'user' key.") raise SynapseError(400, "Expected 'user' key.")
if "password" not in register_json: if not isinstance(register_json.get("password", None), basestring):
raise SynapseError(400, "Expected 'password' key.") raise SynapseError(400, "Expected 'password' key.")
if not self.hs.config.registration_shared_secret: if not self.hs.config.registration_shared_secret: