verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 67 Releases Wiki Activity

feat: create post route for debug #1315

Merged
alexm merged 2 commits from 5094-application_post into test 2023-02-15 09:53:56 +00:00
Conversation 0 Commits 2 Files Changed 3 +25 -1
3 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
loopback/common/methods/application/post.js Normal file
View File

@ -0,0 +1,17 @@
module.exports = Self => {
Self.remoteMethodCtx('post', {
description: 'Returns the sent parameters',
returns: {
type: 'object',
root: true
},
http: {
path: `/post`,
verb: 'POST'
}
});
Self.post = async ctx => {
return ctx.req.body;
alexm commented 2023-02-15 08:13:12 +00:00
Review
Copy Link

He pensat alguna manera de que tornar el ctx.req.body puga tindre alguna vulnerabilitat i no se me ha ocurrit.
Vaig provar a passar alguna funvio pero com loopback teu parseja a JSON si posen algo diferent dona error de parsetjar.
Per ejemple:
{
"test": salixFunction()
}
No funcionaria pq JSON no admitix funcions

He pensat alguna manera de que tornar el ctx.req.body puga tindre alguna vulnerabilitat i no se me ha ocurrit. Vaig provar a passar alguna funvio pero com loopback teu parseja a JSON si posen algo diferent dona error de parsetjar. Per ejemple: { "test": salixFunction() } No funcionaria pq JSON no admitix funcions
};
};

1
loopback/common/models/application.js
View File

@ -1,4 +1,5 @@
module.exports = function(Self) {
require('../methods/application/status')(Self);
require('../methods/application/post')(Self);
};

6
loopback/common/models/application.json
View File

@ -7,6 +7,12 @@
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"property": "post",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
}
]
}