diff options
| author | Sam Anthony <sam@samanthony.xyz> | 2024-11-29 14:00:43 -0500 |
|---|---|---|
| committer | Sam Anthony <sam@samanthony.xyz> | 2024-11-29 14:00:43 -0500 |
| commit | 802d5a33bd77b3d177d3873c225daf2edc5286da (patch) | |
| tree | 77524dcfd79b13a19b0809a771f78933006d566c | |
| parent | 7df70d254cd383882a21c2a727ede7225e520711 (diff) | |
| download | soen422-802d5a33bd77b3d177d3873c225daf2edc5286da.zip | |
server: input validation
| -rw-r--r-- | server/duty.go | 11 | ||||
| -rw-r--r-- | server/humidity.go | 11 | ||||
| -rw-r--r-- | server/target.go | 2 |
3 files changed, 21 insertions, 3 deletions
diff --git a/server/duty.go b/server/duty.go index 82bf60f..55022f3 100644 --- a/server/duty.go +++ b/server/duty.go @@ -8,6 +8,11 @@ import ( "strconv" ) +const ( + minDutyCycle = 0.0 + maxDutyCycle = 100.0 +) + type DutyCycle float32 type DutyCycleHandler struct { @@ -24,10 +29,14 @@ func (h DutyCycleHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } dc, err := strconv.ParseFloat(r.URL.RawQuery, 32) - if err != nil { + if err != nil || !isValidDutyCycle(dc) { badRequest(w, "invalid duty cycle: '%s'", r.URL.RawQuery) return } h.dc.Set <- DutyCycle(dc) } + +func isValidDutyCycle(dc float64) bool { + return dc >= minDutyCycle && dc <= maxDutyCycle +} diff --git a/server/humidity.go b/server/humidity.go index 8cffccc..e31f4fb 100644 --- a/server/humidity.go +++ b/server/humidity.go @@ -8,6 +8,11 @@ import ( "strconv" ) +const ( + minHumidity = 0.0 + maxHumidity = 100.0 +) + type Humidity float32 type HumidityHandler struct { @@ -46,7 +51,7 @@ func (h HumidityHandler) post(w http.ResponseWriter, r *http.Request) { humidityStr := queryVals["humidity"] humidity, err := strconv.ParseFloat(humidityStr, 32) - if err != nil { + if err != nil || !isValidHumidity(humidity){ badRequest(w, "invalid humidity: '%s'", humidityStr) return } @@ -79,3 +84,7 @@ func parseQuery(query string, keys []string) (map[string]string, error) { } return vals, nil } + +func isValidHumidity(humidity float64) bool { + return humidity >= minHumidity && humidity <= maxHumidity; +} diff --git a/server/target.go b/server/target.go index 2d7ca80..c79d75e 100644 --- a/server/target.go +++ b/server/target.go @@ -31,7 +31,7 @@ func (h TargetHumidityHandler) get(w http.ResponseWriter, r *http.Request) { func (h TargetHumidityHandler) post(w http.ResponseWriter, r *http.Request) { target, err := strconv.ParseFloat(r.URL.RawQuery, 32) - if err != nil { + if err != nil || !isValidHumidity(target) { badRequest(w, "invalid humidity: '%s'", r.URL.RawQuery) return } |