1f349/bluebell
4
0
Fork 0
mirror of https://github.com/1f349/site-hosting.git synced 2025-01-20 22:26:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

API: Prevent setEnabled when domain is not owned

Browse Source
This commit is contained in:
Melon 2025-01-08 00:32:31 +00:00
parent 303e789d82
commit 6f285c8208
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api/api.go
View File

@ -34,6 +34,7 @@ func setEnabled(rw http.ResponseWriter, req *http.Request, params httprouter.Par
if !validateDomainOwnershipClaims(host, b.Claims.Perms) { if !validateDomainOwnershipClaims(host, b.Claims.Perms) {
http.Error(rw, "Forbidden", http.StatusForbidden) http.Error(rw, "Forbidden", http.StatusForbidden)
return
} }
err := db.SetDomainBranchEnabled(req.Context(), database.SetDomainBranchEnabledParams{ err := db.SetDomainBranchEnabled(req.Context(), database.SetDomainBranchEnabledParams{