roysc/plugeth
1
0
Fork 0
forked from cerc-io/plugeth
Code Pull Requests Activity

p2p/simulations: escape mockerType value from request (#24822)

Browse Source 
Co-authored-by: Felix Lange <fjl@twurst.com>
This commit is contained in:
ImanSharaf 2022-05-05 10:44:36 -07:00 committed by GitHub
parent 256aae0bfa
commit ca8e2f1ecf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
p2p/simulations/http.go
View File

@ -22,6 +22,7 @@ import (
"context"
"encoding/json"
"fmt"
"html"
"io"
"io/ioutil"
"net/http"
@ -336,7 +337,7 @@ func (s *Server) StartMocker(w http.ResponseWriter, req *http.Request) {
mockerType := req.FormValue("mocker-type")
mockerFn := LookupMocker(mockerType)
if mockerFn == nil {
http.Error(w, fmt.Sprintf("unknown mocker type %q", mockerType), http.StatusBadRequest)
http.Error(w, fmt.Sprintf("unknown mocker type %q", html.EscapeString(mockerType)), http.StatusBadRequest)
return
}
nodeCount, err := strconv.Atoi(req.FormValue("node-count"))