Per this code review comment, let's avoid directly inserting arbitrary strings from the caller into URL paths to send to the server -- better to lightly validate to avoid potential security issues.
I did this for Client.Notice in that PR, but we should also do it in client/changes.go and any other places in the client that does this.
Per this code review comment, let's avoid directly inserting arbitrary strings from the caller into URL paths to send to the server -- better to lightly validate to avoid potential security issues.
I did this for
Client.Noticein that PR, but we should also do it inclient/changes.goand any other places in the client that does this.