Commits

Fred T-H committed 2bbf03f

adding some debug info and HTML escaping

Comments (0)

Files changed (1)

src/chut_webserver.erl

 
 init([Port]) ->
     process_flag(trap_exit, true),
-    io:format("~p (~p) starting...~n", [?MODULE, self()]),
+    io:format("~p (~p) starting on port ~p...~n", [?MODULE, self(), Port]),
     mochiweb_http:start([{port, Port},
                          {loop, fun(Req) -> dispatch_requests(Req) end}]),
     {ok, []}.
     From = proplists:get_value("from", Params),
     To = proplists:get_value("to", Params),
     Message = proplists:get_value("msg", Params),
+    ok = check_params(Req, [From, To, Message], ["from", "to", "msg"]),
     {ok, H} = chut_client:connect(From),
     chut_client:message(From, To, Message),
     chut_client:disconnect(From, H),
     reply(Req, JSON, Params);
 
 handle(Path, Req) ->
+    io:format("Unexpected ~p call~n", [Path]),
     Params = Req:parse_qs(),
     reply(Req, mochijson2:encode([error,list_to_binary(Path)]), Params).
 
 json_prepare({Verb,To=[_|_],Msg}) -> json_prepare({Verb,unicode:characters_to_binary(To),Msg});
 json_prepare({Verb,To,Msg=[_|_]}) -> json_prepare({Verb,To,unicode:characters_to_binary(Msg)});
 json_prepare({Verb,To,Msg}) ->
-    {struct, [{action,Verb},{to,To},{message,Msg}]}.
+    {struct, [{action,Verb},
+              {to,To},
+              {message,mochiweb_html:escape(Msg)}]}.
 
 reply(Req, JSON, Params) ->
     Callback = proplists:get_value("callback", Params),
-    Req:respond({200, [{"Content-Type", "text/javascript"}],
-                [Callback,$(,JSON,$),$;]}).
+    if Callback =/= undefined ->
+        Req:respond({200, [{"Content-Type", "text/javascript"}],
+                    [Callback,$(,JSON,$),$;]});
+       Callback =:= undefined ->
+        Req:respond({400, [], "Callback undefined"})
+    end.
+            
+%% replies with an error whenever some parameters are undefined      
+check_params(Req, Params, Names) ->
+    case lists:any(fun(X) -> X =:= undefined end, Params) of
+        true -> Req:respond({400,
+                             [],
+                             ["Some parameters are undefined:",
+                              string:join(Names, ", ")]});
+        false -> ok
+    end.
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.