exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE
commit 51a281b4170d5efe663bd160f4dadeb1e7d6ad47
parent 99228c467a935c8e91a73d2b6c9d6acd593c05f5
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun, 18 Feb 2024 11:39:20 +0100

add more sanity checks

Diffstat:

Msrc/util/url.c | 19+++++++++++++++++++


1 file changed, 19 insertions(+), 0 deletions(-)

diff --git a/src/util/url.c b/src/util/url.c
@@ -222,6 +222,25 @@ TALER_url_join (const char *base_url,
                 "Empty base URL specified\n");
     return NULL;
   }
+  if (NULL != strchr (base_url,
+                      '?'))
+  {
+    /* query parameters not supported */
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Query parameters not allowed in base URL `%s'\n",
+                base_url);
+    return NULL;
+  }
+  if (NULL != strchr (path,
+                      '?'))
+  {
+    /* query parameters not supported */
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Query parameters not allowed in path `%s'\n",
+                path);
+    return NULL;
+  }
+
   if ('\0' != path[0])
   {
     if ('/' != base_url[strlen (base_url) - 1])