From ae0b11a8ff045de716c4f4628a74e7d42afb8e43 Mon Sep 17 00:00:00 2001 From: ale Date: Mon, 10 Jun 2019 08:24:11 +0100 Subject: [PATCH] Sanitize SetAccountRecoveryHint requests --- actions_user.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/actions_user.go b/actions_user.go index 3aae3ca..663b4fb 100644 --- a/actions_user.go +++ b/actions_user.go @@ -228,6 +228,14 @@ type SetAccountRecoveryHintRequest struct { Response string `json:"recovery_response"` } +// Sanitize the request. +func (r *SetAccountRecoveryHintRequest) Sanitize() { + r.PrivilegedRequestBase.Sanitize() + if r.Response != "" { + r.Response = sanitizedValue + } +} + // Validate the request. func (r *SetAccountRecoveryHintRequest) Validate(rctx *RequestContext) error { var err *validationError -- GitLab