biigle / core

Application core of BIIGLE
https://biigle.de
GNU General Public License v3.0
12 stars 15 forks

Validate big integer IDs #209

Closed mzur closed 4 years ago

mzur commented 4 years ago

Using a big integer as ID (example https://biigle.de/annotate/5368536993) results in a server error as it is rejected by the database. Catch these integers as invalid. Most of these cases might be caught with a proper route pattern. But in some cases IDs may be provided as request arguments, too, which must be validated in the request class.

mzur commented 4 years ago

The route validation isn't perfect but it should catch some malformed or malicious requests. Anything else would be too much trouble.
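An added example, not part of the issue thread or BIIGLE's code: the two layers discussed above in plain PHP, a route-style regex plus an exact range check for IDs that arrive as request arguments. It assumes the ID columns are 32-bit signed integers (maximum 2147483647), which the thread does not state; `MAX_ID`, `ROUTE_ID_PATTERN`, `routeMatches` and `parseId` are hypothetical names.

```php
<?php
declare(strict_types=1);

// Assumption: ID columns are 32-bit signed integers, so 2147483647 is the largest valid ID.
const MAX_ID = '2147483647';

// Layer 1: what a route pattern can express. Digits only, no leading zero,
// at most as many digits as MAX_ID. \A and \z also reject a trailing newline.
const ROUTE_ID_PATTERN = '/\A[1-9][0-9]{0,9}\z/';

function routeMatches(string $segment): bool
{
    return preg_match(ROUTE_ID_PATTERN, $segment) === 1;
}

// Layer 2: exact range check for IDs in request arguments. The comparison is
// done on the digit string, so it does not depend on the platform's integer width.
function parseId($value): ?int
{
    if (is_int($value)) {
        $value = (string) $value;
    }
    if (!is_string($value) || !routeMatches($value)) {
        return null;
    }
    if (strlen($value) === strlen(MAX_ID) && strcmp($value, MAX_ID) > 0) {
        return null; // 10 digits but above the column maximum
    }
    return (int) $value;
}

// Constructed sample inputs; 5368536993 is the ID from the issue.
$samples = ['1', '2147483647', '2147483648', '5368536993',
            '99999999999999999999', '-1', '12abc', "42\n", 3.5, null];

foreach ($samples as $sample) {
    $route = is_string($sample) && routeMatches($sample);
    $id = parseId($sample);
    printf("%-24s route=%-5s id=%s\n",
        json_encode($sample),
        $route ? 'match' : 'no',
        $id === null ? 'rejected' : (string) $id);
}
```

A digit-count regex still matches 2147483648 and 5368536993, so only the range check in `parseId` keeps them away from the database.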