Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Improve header validation and error messages in RpcHandler

Browse source
This commit is contained in:
netkas 2024-09-27 14:21:08 -04:00
parent a8cbac9dcc
commit 51a1136380
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/Socialbox/Classes/RpcHandler.php
View file

@ -31,7 +31,6 @@ class RpcHandler
try
{
$headers = Utilities::getRequestHeaders();
foreach(StandardHeaders::getRequiredHeaders() as $header)
{
if (!isset($headers[$header]))
@ -50,9 +49,9 @@ class RpcHandler
break;
case StandardHeaders::CONTENT_TYPE:
if($headers[$header] !== 'application/json')
if(!str_contains($headers[$header], 'application/json'))
{
throw new RpcException("Invalid Content-Type header: Expected application/json", 400);
throw new RpcException(sprintf("Invalid Content-Type header: Expected application/json, got %s", $headers[$header]), 400);
}
break;
@ -81,7 +80,7 @@ class RpcHandler
// If no signature is provided, it must be required if the client is providing a Session UUID
if($clientRequest->getSignature() === null)
{
throw new RpcException(sprintf('Unauthorized request, signature required for session based requests', StandardHeaders::SIGNATURE->value), 401);
throw new RpcException(sprintf('Unauthorized request, signature required for session based requests'), 401);
}
try