MCPcopy
hub / github.com/autobrr/qui / validateQueryParams

Method validateQueryParams

internal/proxy/handler.go:952–972  ·  view source on GitHub ↗

validateQueryParams checks if all query parameters are in the allowed list Returns true if validation passes, false if validation fails (and proxies upstream)

(w http.ResponseWriter, r *http.Request, allowedParams map[string]struct{}, endpoint string)

Source from the content-addressed store, hash-verified

950// validateQueryParams checks if all query parameters are in the allowed list
951// Returns true if validation passes, false if validation fails (and proxies upstream)
952func (h *Handler) validateQueryParams(w http.ResponseWriter, r *http.Request, allowedParams map[string]struct{}, endpoint string) bool {
953 ctx := r.Context()
954 instanceID := GetInstanceIDFromContext(ctx)
955 clientAPIKey := GetClientAPIKeyFromContext(ctx)
956 queryParams := r.URL.Query()
957
958 for key := range queryParams {
959 if _, ok := allowedParams[strings.ToLower(key)]; !ok {
960 log.Trace().
961 Int("instanceId", instanceID).
962 Str("client", clientAPIKey.ClientName).
963 Str("endpoint", endpoint).
964 Str("param", key).
965 Str("value", queryParams.Get(key)).
966 Msg("Unsupported query parameter, proxying upstream")
967 h.ServeHTTP(w, r)
968 return false
969 }
970 }
971 return true
972}
973
974func parseCSVQueryValues(queryParams url.Values, keys ...string) []string {
975 if len(keys) == 0 {

Callers 7

handleTorrentsInfoMethod · 0.95
handleTorrentSearchMethod · 0.95
handleCategoriesMethod · 0.95
handleTagsMethod · 0.95
handleTorrentTrackersMethod · 0.95
handleTorrentFilesMethod · 0.95

Calls 4

ServeHTTPMethod · 0.95
GetInstanceIDFromContextFunction · 0.85
GetMethod · 0.65

Tested by

no test coverage detected