System-End/hackatime
1
0
Fork 0
mirror of https://github.com/System-End/hackatime.git synced 2026-04-20 00:35:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix bad substring sanitization (#829)

Browse source
This commit is contained in:
Echo 2026-01-25 12:36:57 -05:00 committed by GitHub
parent a395b23dd9
commit 73f383843d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app/models/wakatime_mirror.rb
View file

@ -1,4 +1,6 @@
class WakatimeMirror < ApplicationRecord
require "uri"
belongs_to :user
has_many :heartbeats, through: :user
@ -50,9 +52,12 @@ class WakatimeMirror < ApplicationRecord
private
def endpoint_url_not_hackatime
if endpoint_url.present? && endpoint_url.include?("hackatime.hackclub.com")
errors.add(:endpoint_url, "cannot be hackatime.hackclub.com")
end
return unless endpoint_url.present?
uri = URI.parse(endpoint_url)
errors.add(:endpoint_url, "cannot be hackatime.hackclub.com") if uri.host == "hackatime.hackclub.com"
rescue URI::InvalidURIError
# other validations will handle invalid URLs
end
def schedule_initial_sync