Guard against invalid QR code requests
This commit is contained in:
parent
d503c84928
commit
416178cf0a
|
@ -29,27 +29,29 @@
|
||||||
(generate-html address balance issue-url) width height)]
|
(generate-html address balance issue-url) width height)]
|
||||||
(combine-images qr-code-image comment-image)))
|
(combine-images qr-code-image comment-image)))
|
||||||
|
|
||||||
|
|
||||||
(defapi qr-routes
|
(defapi qr-routes
|
||||||
(context "/qr" []
|
(context "/qr" []
|
||||||
;; user may be an organization here
|
(GET "/:owner/:repo/bounty/:issue{[0-9]{1,9}}/:hash/qr.png" [owner repo issue hash]
|
||||||
(GET "/:user/:repo/bounty/:issue{[0-9]{1,9}}/:hash/qr.png" [user repo issue hash]
|
(log/debug "qr PNG GET" owner repo issue hash (bounties/get-bounty-address owner
|
||||||
(log/debug "qr PNG GET" user repo issue hash)
|
repo
|
||||||
(let [{address :contract_address
|
(Integer/parseInt issue)))
|
||||||
|
(when-let [{address :contract_address
|
||||||
login :login
|
login :login
|
||||||
repo :repo
|
repo :repo
|
||||||
issue-number :issue_number}
|
issue-number :issue_number}
|
||||||
(bounties/get-bounty-address user
|
(bounties/get-bounty-address owner
|
||||||
repo
|
repo
|
||||||
(Integer/parseInt issue))
|
(Integer/parseInt issue))]
|
||||||
balance (eth/get-balance-eth address 8)]
|
(when address
|
||||||
|
(let [balance (eth/get-balance-eth address 8)]
|
||||||
(log/debug "address:" address "balance:" balance)
|
(log/debug "address:" address "balance:" balance)
|
||||||
|
|
||||||
(if (and address
|
(if (and address
|
||||||
(= hash (github/github-comment-hash user repo issue)))
|
(= hash (github/github-comment-hash owner repo issue)))
|
||||||
(let [issue-url (str login "/" repo "/issues/" issue-number)
|
(let [issue-url (str login "/" repo "/issues/" issue-number)
|
||||||
image-url (generate-image address balance issue-url 768 256)
|
image-url (generate-image address balance issue-url 768 256)
|
||||||
response (assoc-in (ok image-url)
|
response (assoc-in (ok image-url)
|
||||||
[:headers "cache-control"] "no-cache")]
|
[:headers "cache-control"] "no-cache")]
|
||||||
(log/debug "balance:" address "response" response)
|
(log/debug "balance:" address "response" response)
|
||||||
response)
|
response)
|
||||||
(bad-request))))))
|
(bad-request))))))))
|
||||||
|
|
Loading…
Reference in New Issue