changed 'claim' to 'name' and added validation
This commit is contained in:
parent
9867969a65
commit
ae5711837a
3 changed files with 50 additions and 14 deletions
16
README.md
16
README.md
|
@ -44,14 +44,18 @@ spee.ch is a single-serving site that reads and publishes images to and from the
|
|||
* /api/publish
|
||||
* request parameters:
|
||||
* body (form-data):
|
||||
* claim: string (optional, defults to the file's name sans extension)
|
||||
* license: string (optional, defaults to "No License Provided")
|
||||
* nsfw: string ("on"/"off") or boolean (true/false). (optional, defaults `true`)
|
||||
* name: string (optional)
|
||||
* defaults to the file's name, sans extension
|
||||
* names can only contain the following characters: `A-Z`, `a-z`, `_`, or `-`
|
||||
* license: string (optional)
|
||||
* defaults to "No License Provided"
|
||||
* only "Public Domain" or "Creative Commons" licenses are allowed
|
||||
* nsfw: string or boolean (optional)
|
||||
* defaults `true`
|
||||
* nsfw can be a string ("on"/"off") or boolean (`true`/`false`)
|
||||
* files:
|
||||
* (the `files` object submitted must use "file1" or "null" as the key for the file's value object)
|
||||
* the `files` object submitted must use "speech" or "null" as the key for the file's value object
|
||||
* a successfull request will return the transaction details resulting from your published claim in JSON format
|
||||
|
||||
|
||||
|
||||
## bugs
|
||||
If you find a bug or experience a problem, please report your issue here on github and find us in the lbry slack!
|
||||
|
|
|
@ -7,12 +7,16 @@ module.exports = {
|
|||
createPublishParams (name, filePath, license, nsfw) {
|
||||
logger.debug(`Creating Publish Parameters for "${name}"`);
|
||||
// ensure nsfw is a boolean
|
||||
if (nsfw.toLowerCase === 'true') {
|
||||
nsfw = true;
|
||||
} else if (nsfw.toLowerCase === 'on') {
|
||||
nsfw = true;
|
||||
} else {
|
||||
if (nsfw.toLowerCase === 'false') {
|
||||
nsfw = false;
|
||||
} else if (nsfw.toLowerCase === 'off') {
|
||||
nsfw = false;
|
||||
} else if (nsfw === 0) {
|
||||
nsfw = false;
|
||||
} else if (nsfw === '0') {
|
||||
nsfw = false;
|
||||
} else {
|
||||
nsfw = true;
|
||||
}
|
||||
const publishParams = {
|
||||
name,
|
||||
|
|
|
@ -34,14 +34,42 @@ module.exports = app => {
|
|||
// route to run a publish request on the daemon
|
||||
app.post('/api/publish', multipartMiddleware, ({ originalUrl, body, files }, res) => {
|
||||
logger.debug(`POST request on ${originalUrl}`);
|
||||
const file = files.thumbnail || files.null;
|
||||
// validate that a file was provided (note: need to validate it is not a potentially harmful file type)
|
||||
const file = files.speech || files.null;
|
||||
if (!file) {
|
||||
res.status(400).send('error: No file was submitted or the key used was incorrect. Files posted through this route must use a key of "thumbnail" or null');
|
||||
res.status(400).send('Error: No file was submitted or the key used was incorrect. Files posted through this route must use a key of "speech" or null');
|
||||
return;
|
||||
}
|
||||
const name = body.claim || file.name.substring(0, file.name.indexOf('.'));
|
||||
// validate name
|
||||
const name = body.name || file.name.substring(0, file.name.indexOf('.'));
|
||||
const invalidCharacters = /[^\w,-]/.exec(name);
|
||||
if (invalidCharacters) {
|
||||
res.status(400).send('Error: The name you provided is not allowed. Please use A-Z, a-z, 0-9, "_" and "-" only.');
|
||||
return;
|
||||
}
|
||||
// validate license
|
||||
const license = body.license || 'No License Provided';
|
||||
if ((license.indexOf('Public Domain') === -1) && (license.indexOf('Creative Commons') === -1)) {
|
||||
res.status(400).send('Error: Only posts with a license of "Public Domain" or "Creative Commons" are eligible for publishing through spee.ch');
|
||||
return;
|
||||
}
|
||||
const nsfw = body.nsfw || true;
|
||||
switch (nsfw) {
|
||||
case true:
|
||||
case false:
|
||||
case 'true':
|
||||
case 'false':
|
||||
case 'on':
|
||||
case 'off':
|
||||
case 0:
|
||||
case '0':
|
||||
case 1:
|
||||
case '1':
|
||||
break;
|
||||
default:
|
||||
res.status(400).send('Error: NSFW value was not accepted. NSFW must be set to either true, false, "on", or "off"');
|
||||
return;
|
||||
}
|
||||
const fileName = file.name;
|
||||
const filePath = file.path;
|
||||
const fileType = file.type;
|
||||
|
|
Loading…
Reference in a new issue