Kharec/goyco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add explicite validation check for empty url, title and content length

Browse Source
This commit is contained in:
Sandro CURY CAZZANIGA
2025-11-23 14:21:30 +01:00
parent 216e8657f6
commit 0a8ed2e27c
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
internal/handlers/post_handler.go
View File

@@ -130,6 +130,11 @@ func (h *PostHandler) CreatePost(w http.ResponseWriter, r *http.Request) {
url := security.SanitizeURL(req.URL) url := security.SanitizeURL(req.URL)
content := security.SanitizePostContent(req.Content) content := security.SanitizePostContent(req.Content)
if url == "" {
SendErrorResponse(w, "Invalid URL", http.StatusBadRequest)
return
}
if title == "" && h.titleFetcher != nil { if title == "" && h.titleFetcher != nil {
titleCtx, cancel := context.WithTimeout(r.Context(), 7*time.Second) titleCtx, cancel := context.WithTimeout(r.Context(), 7*time.Second)
defer cancel() defer cancel()
@@ -160,6 +165,16 @@ func (h *PostHandler) CreatePost(w http.ResponseWriter, r *http.Request) {
return return
} }
if len(title) > 200 {
SendErrorResponse(w, "Title must be at most 200 characters", http.StatusBadRequest)
return
}
if len(content) > 10000 {
SendErrorResponse(w, "Content must be at most 10000 characters", http.StatusBadRequest)
return
}
post := &database.Post{ post := &database.Post{
Title: title, Title: title,
URL: url, URL: url,