From 8636d8156b591a9d1ebcc95a188491e88561aca6 Mon Sep 17 00:00:00 2001
From: RblSb <msrblsb@gmail.com>
Date: Sat, 18 Jul 2020 14:42:13 +0300
Subject: Improve data validation

---
 src/server/Main.hx | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'src/server')

diff --git a/src/server/Main.hx b/src/server/Main.hx
index ee8de26..f0c3d7a 100644
--- a/src/server/Main.hx
+++ b/src/server/Main.hx
@@ -294,7 +294,7 @@ class Main {
 
 		ws.on("message", data -> {
 			final obj = wsEventParser.fromJson(data);
-			if (wsEventParser.errors.length > 0) {
+			if (wsEventParser.errors.length > 0 || noTypeObj(obj)) {
 				final line = 'Wrong request for type "${obj.type}":';
 				final errorLines = ErrorUtils.convertErrorArray(wsEventParser.errors);
 				final errors = '$line\n$errorLines';
@@ -312,6 +312,16 @@ class Main {
 		});
 	}
 
+	function noTypeObj(data:WsEvent):Bool {
+		if (data.type == GetTime) return false;
+		if (data.type == TogglePlaylistLock) return false;
+		if (data.type == UpdatePlaylist) return false;
+		if (data.type == Logout) return false;
+		final t:String = cast data.type;
+		final t = t.charAt(0).toLowerCase() + t.substr(1);
+		return js.Syntax.strictEq(Reflect.field(data, t), null);
+	}
+
 	function onMessage(client:Client, data:WsEvent, internal:Bool):Void {
 		logger.log({
 			clientName: client.name,
-- 
cgit v1.2.3