Fix add validation to webpush subscription keys (#30542)
This commit is contained in:
Emelia Smith
GitHub
parent
5f15a892fa
commit
4655be0da6
4 changed files with 57 additions and 11 deletions
|
|
@ -25,6 +25,8 @@ class Web::PushSubscription < ApplicationRecord
|
|||
validates :key_p256dh, presence: true
|
||||
validates :key_auth, presence: true
|
||||
|
||||
validates_with WebPushKeyValidator
|
||||
|
||||
delegate :locale, to: :associated_user
|
||||
|
||||
def encrypt(payload)
|
||||
|
|
|
|||
11
app/validators/web_push_key_validator.rb
Normal file
11
app/validators/web_push_key_validator.rb
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class WebPushKeyValidator < ActiveModel::Validator
|
||||
def validate(subscription)
|
||||
begin
|
||||
Webpush::Encryption.encrypt('validation_test', subscription.key_p256dh, subscription.key_auth)
|
||||
rescue ArgumentError, OpenSSL::PKey::EC::Point::Error
|
||||
subscription.errors.add(:base, I18n.t('crypto.errors.invalid_key'))
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Add a link
Reference in a new issue