From ae0b11a8ff045de716c4f4628a74e7d42afb8e43 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 10 Jun 2019 08:24:11 +0100
Subject: [PATCH] Sanitize SetAccountRecoveryHint requests

---
 actions_user.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/actions_user.go b/actions_user.go
index 3aae3ca..663b4fb 100644
--- a/actions_user.go
+++ b/actions_user.go
@@ -228,6 +228,14 @@ type SetAccountRecoveryHintRequest struct {
 	Response string `json:"recovery_response"`
 }
 
+// Sanitize the request.
+func (r *SetAccountRecoveryHintRequest) Sanitize() {
+	r.PrivilegedRequestBase.Sanitize()
+	if r.Response != "" {
+		r.Response = sanitizedValue
+	}
+}
+
 // Validate the request.
 func (r *SetAccountRecoveryHintRequest) Validate(rctx *RequestContext) error {
 	var err *validationError
-- 
GitLab