Mercurial > libervia-backend

changeset 4114:79ec7d7beef3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugin XEP-0166: reject session creation is session ID is empty
author Goffi <goffi@goffi.org>
date Wed, 16 Aug 2023 18:28:32 +0200
parents 3f59a2b141cc
children 0da563780ffc
files libervia/backend/plugins/plugin_xep_0166/__init__.py
diffstat 1 files changed, 4 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/libervia/backend/plugins/plugin_xep_0166/__init__.py	Wed Aug 09 00:48:11 2023 +0200
+++ b/libervia/backend/plugins/plugin_xep_0166/__init__.py	Wed Aug 16 18:28:32 2023 +0200
@@ -184,6 +184,10 @@
         @raise ValueError: If the provided role is neither initiator nor responder.
         """
         # TODO: session cleaning after timeout ?
+
+        if not sid:
+            raise exceptions.DataError("Empty session ID is not allowed")
+
         if role not in [XEP_0166.ROLE_INITIATOR, XEP_0166.ROLE_RESPONDER]:
             raise ValueError(f"Invalid role {role}. Expected initiator or responder.")