summary refs log tree commit diff
path: root/synapse/rest
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2015-03-18 11:30:04 +0000
committerErik Johnston <erik@matrix.org>2015-03-18 11:30:04 +0000
commit57976f646ffe60eeb5fafce646983641fbfd7944 (patch)
tree6c54dec9debc29a3ff4f058f32ee338104234c3b /synapse/rest
parentComment. (diff)
downloadsynapse-57976f646ffe60eeb5fafce646983641fbfd7944.tar.xz
Do more validation of incoming request
Diffstat (limited to 'synapse/rest')
-rw-r--r--synapse/rest/client/v1/register.py6
1 files changed, 3 insertions, 3 deletions
diff --git a/synapse/rest/client/v1/register.py b/synapse/rest/client/v1/register.py
index 86519fd9dd..ccc457924b 100644
--- a/synapse/rest/client/v1/register.py
+++ b/synapse/rest/client/v1/register.py
@@ -316,11 +316,11 @@ class RegisterRestServlet(ClientV1RestServlet):
     def _do_shared_secret(self, request, register_json, session):
         yield run_on_reactor()
 
-        if "mac" not in register_json:
+        if not isinstance(register_json.get("mac", None), basestring):
             raise SynapseError(400, "Expected mac.")
-        if "user" not in register_json:
+        if not isinstance(register_json.get("user", None), basestring):
             raise SynapseError(400, "Expected 'user' key.")
-        if "password" not in register_json:
+        if not isinstance(register_json.get("password", None), basestring):
             raise SynapseError(400, "Expected 'password' key.")
 
         if not self.hs.config.registration_shared_secret: