Commit bdb22db1 authored by Guillaume ROUSSE's avatar Guillaume ROUSSE

test parameter format in dedicated handler

parent fc788d00
......@@ -19,17 +19,11 @@ use AccountManager::Service;
use AccountManager::Token;
use AccountManager::Tools;
## Defining parameters format
my $urn_or_url_regex = '(http(s?):\/\/|urn:)[^\\\$\*\"\'\`\^\|\<\>\n\s]+'
; ## Format de type URL HTTP ou URN
my $url_regex = 'http(s?):\/\/[^\\\$\*\"\'\`\^\|\<\>\n\s]+';
my $email_regex = '([\w\-\_\.\/\+\=\'\&]+|\".*\")\@[\w\-]+(\.[\w\-]+)+';
my $domains_regex = '[\w\.\-]+(,[\w\.\-]+)*';
my %format = (
## URL
#'attributeauthority' => $url_regex,
'entityid' => $urn_or_url_regex,
);
# Format de type URL HTTP ou URN
my $urn_or_url_regex = '(http(s?):\/\/|urn:)[^\\\$\*\"\'\`\^\|\<\>\n\s]+';
my $url_regex = 'http(s?):\/\/[^\\\$\*\"\'\`\^\|\<\>\n\s]+';
my $email_regex = '([\w\-\_\.\/\+\=\'\&]+|\".*\")\@[\w\-]+(\.[\w\-]+)+';
my $domains_regex = '[\w\.\-]+(,[\w\.\-]+)*';
my %actions = (
home => 'req_home',
......@@ -85,23 +79,6 @@ sub run {
$parameters{$parameter} =~ s/\s+$//; # remove trailing spaces
$parameters{$parameter} =~ s/^\s+//; # remove leading spaces
# format check
if (defined $format{$parameter}
&& !ref($format{$parameter})) {
if ($parameters{$parameter} !~ /^$format{$parameter}$/) {
$self->{logger}->error(
"Incorrect parameter format : $parameter"
);
$self->respond(
template => 'index.tt2.html',
data => {
content => 'errors.tt2.html',
errors => [ "format_$parameter" ]
}
);
}
}
# If action_xx parameter is set, set action parameter with value xx
if ($parameter =~ /^action_(\w+)$/) {
$parameters{action} = $1;
......@@ -168,7 +145,6 @@ sub respond {
printf "Content-type: text/plain\n\n Error: %s", $tt2->error();
$self->{logger}->errorf("Web parser error : %s", $tt2->error());
}
}
sub req_select_sp {
......@@ -207,8 +183,8 @@ sub req_select_sp {
sub req_select_email {
my ($self) = @_;
unless ($self->{in}->{entityid}) {
$self->{logger}->error("Missing parameter entityid");
if (! $self->{in}->{entityid}) {
$self->{logger}->error("Missing parameter: entityid");
$self->respond(
template => 'index-nobanner.tt2.html',
data => {
......@@ -218,6 +194,17 @@ sub req_select_email {
);
}
if ($self->{in}->{entityid} !~ m/^$urn_or_url_regex$/) {
$self->{logger}->error("Incorrect parameter format: entityid");
$self->respond(
template => 'index-nobanner.tt2.html',
data => {
content => 'errors.tt2.html',
errors => [ "format_entityid" ]
}
);
}
# Create a persistent service provider object
my $provider = AccountManager::Service->new(
db => $self->{db},
......
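Review bot: The new format check in req_select_email does not visibly stop the handler: after `$self->respond(...)` with `format_entityid` there is no `return`, so unless respond() itself ends the request (only its tail is shown here) execution falls through to `AccountManager::Service->new` with the entityid that was just rejected. Adding `return;` after the respond call in that branch would close this; the missing-parameter branch above it looks like it has the same gap, although part of it is elided between hunks, and the rest of req_select_email lies outside the hunk. Because the generic `%format` check was removed from run(), any other handler that reads entityid is no longer covered by a format test, so it is worth confirming that each one validates it itself. The pattern would also be stricter as `m/\A$urn_or_url_regex\z/`, since `$` accepts a trailing newline.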