Permalink
Browse files

Return early on malformed assertions early [closes #178]

  • Loading branch information...
1 parent 875b37d commit f933c180e68fe7bebed0e9ae1041830bfe2124df @brianloveswords brianloveswords committed Jun 4, 2012
Showing with 9 additions and 3 deletions.
  1. +1 −1 controllers/baker.js
  2. +8 −2 models/badge.js
View
2 controllers/baker.js
@@ -66,9 +66,9 @@ exports.baker = function (request, response) {
logger.warn('reason: ' + errorString);
return response.send(errorString, 400);
}
+
// Check if the assertion obtained is a valid assetion
// If not send a proper response
-
err = Badge.validateBody(assertion);
if (err) {
errorString = JSON.stringify(err);
View
10 models/badge.js
@@ -137,7 +137,13 @@ Badge.validateBody = function (body) {
var err = new Error('Invalid badge assertion');
err.fields = {};
- var fieldFromDottedString = function (str, obj) {
+ var internalClass = Object.prototype.toString.call(body);
+ if (!body || internalClass !== '[object Object]') {
+ err.message = 'Invalid badge assertion: invalid body';
+ return err
+ }
+
+ function fieldFromDottedString (str, obj) {
var fields = str.split('.');
var current = obj;
var previous = null;
@@ -146,7 +152,7 @@ Badge.validateBody = function (body) {
current = current[f];
});
return previous[fields.pop()];
- };
+ }
var test = {
missing: function (fieldStr) {

0 comments on commit f933c18

Please sign in to comment.