summaryrefslogtreecommitdiff
path: root/src/main.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/main.c')
-rw-r--r--src/main.c33
1 files changed, 20 insertions, 13 deletions
diff --git a/src/main.c b/src/main.c
index a97ec4d..078bd5b 100644
--- a/src/main.c
+++ b/src/main.c
@@ -31,11 +31,16 @@
#include "debug/local-play.h"
#endif
-#define STP_REST_LIST_STREAMS "/api/list-streams"
-#define STP_REST_ABORT_STREAM "/api/abort-stream"
-#define STP_REST_ADD_TOKEN "/api/add-token"
-#define STP_REST_REVOKE_TOKEN "/api/revoke-token"
-#define STP_REST_LIST_TOKENS "/api/list-tokens"
+#define STP_STREAM_PREFIX "/stream/"
+#define STP_REST_API_PREFIX "/api/"
+
+#define STP_REST_LIST_STREAMS STP_REST_API_PREFIX "list-streams"
+#define STP_REST_ABORT_STREAM STP_REST_API_PREFIX "abort-stream"
+#define STP_REST_ADD_TOKEN STP_REST_API_PREFIX "add-token"
+#define STP_REST_REVOKE_TOKEN STP_REST_API_PREFIX "revoke-token"
+#define STP_REST_LIST_TOKENS STP_REST_API_PREFIX "list-tokens"
+
+#define STP_SESSIONID(X) &X[sizeof(STP_STREAM_PREFIX)-1]
typedef struct _STPHashTables STPHashTables;
@@ -74,7 +79,8 @@ get_server_ctx_from_msg (SoupMessage *msg,
STPServerCtx *ctx;
g_object_get (msg, "uri", &uri, NULL);
- ctx = g_hash_table_lookup (ctx_table, &soup_uri_get_path (uri)[1]);
+ ctx = g_hash_table_lookup (ctx_table,
+ STP_SESSIONID (soup_uri_get_path (uri)));
soup_uri_free (uri);
if (!ctx)
@@ -633,15 +639,16 @@ got_request_headers (SoupMessage *msg,
/* Token API methods are handled in the server callbacks,
* so we ignore those paths here. */
- if (g_str_has_prefix (path, STP_REST_LIST_STREAMS) ||
- g_str_has_prefix (path, STP_REST_ABORT_STREAM) ||
- g_str_has_prefix (path, STP_REST_ADD_TOKEN) ||
- g_str_has_prefix (path, STP_REST_REVOKE_TOKEN) ||
- g_str_has_prefix (path, STP_REST_LIST_TOKENS))
+ if (g_str_has_prefix (path, STP_REST_API_PREFIX))
goto out;
- /* Remove the leading '/' to get the session id */
- sessionid = &path[1];
+ /* Reject non-stream-prefix requests */
+ if (!g_str_has_prefix (path, STP_STREAM_PREFIX)) {
+ soup_message_set_status (msg, SOUP_STATUS_NOT_FOUND);
+ goto out;
+ }
+ /* Remove the leading '/stream/' to get the session id */
+ sessionid = STP_SESSIONID(path);
if (msg->method == SOUP_METHOD_PUT ||
msg->method == SOUP_METHOD_POST)
generated by cgit v0.11.2-2-gd1dd at 2024-11-15 05:34:17 (GMT)