ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openvidu-server: sanitize string for custom ConnectionId

pull/690/head
Juan Navarro 2022-01-28 14:16:04 +01:00
parent 425fe0983c
commit eddf86f430
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openvidu-server/src/main/java/io/openvidu/server/core/SessionManager.java
View File

@ -342,11 +342,12 @@ public abstract class SessionManager {
try { try {
JsonObject serverMetadataJson = JsonParser.parseString(serverMetadata).getAsJsonObject(); JsonObject serverMetadataJson = JsonParser.parseString(serverMetadata).getAsJsonObject();
String customConnectionId = serverMetadataJson.get("openviduCustomConnectionId").getAsString(); String customConnectionId = serverMetadataJson.get("openviduCustomConnectionId").getAsString();
customConnectionId = customConnectionId.replaceAll("\\W", ""); // Remove all non-word characters: [^A-Za-z0-9_]
customConnectionId = customConnectionId.replaceAll(IdentifierPrefixes.PARTICIPANT_PUBLIC_ID, ""); customConnectionId = customConnectionId.replaceAll(IdentifierPrefixes.PARTICIPANT_PUBLIC_ID, "");
tokenObj.setConnectionId(IdentifierPrefixes.PARTICIPANT_PUBLIC_ID + customConnectionId); tokenObj.setConnectionId(IdentifierPrefixes.PARTICIPANT_PUBLIC_ID + customConnectionId);
} catch (Exception e) { } catch (Exception e) {
log.debug( log.debug(
"Tried to parse server metadata as JSON after encountering \"openviduCustomConnectionId\" string but failed with {}: {}", "Tried to parse server metadata as JSON after encountering \"openviduCustomConnectionId\" string, but failed with {}: {}",
e.getClass().getCanonicalName(), e.getMessage()); e.getClass().getCanonicalName(), e.getMessage());
} }
} }