From 83dd418e4f680d294a958d12f28ff0a29ac333e7 Mon Sep 17 00:00:00 2001
From: David Moore <davemooreuws@gmail.com>
Date: Mon, 6 Jan 2025 14:22:23 +1100
Subject: [PATCH] validate more form input for feedback

---
 src/actions/sendFeedback.ts | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/actions/sendFeedback.ts b/src/actions/sendFeedback.ts
index 7eb236266..d2686a282 100644
--- a/src/actions/sendFeedback.ts
+++ b/src/actions/sendFeedback.ts
@@ -17,6 +17,11 @@ export async function sendFeedback(prevState: any, formData: FormData) {
     return { message: 'Not available on production' }
   }
 
+  // validate url and user agent
+  if (!ua || !url.toString().startsWith('/docs')) {
+    return { message: 'invalid' }
+  }
+
   // validate answer
   if (!['yes', 'no', 'feedback'].includes(answer?.toString())) {
     return { message: 'invalid' }