Merge pull request #1 from loovjo/master

Validate websocket JSON to make sure the server does not crash upon receiving invalid jSON
author: John Eisenmann <esperantanaso@gmail.com> 2020-05-09 18:40:41 -0400
committer: GitHub <noreply@github.com> 2020-05-09 18:40:41 -0400
commit: 1e8cf3afd3e5fad8fdc07d62facf7aa635f3bd13 (patch)
tree: a59d8efb3505915ee80773468f8229819b4b1e7f
parent: 67bb7d6a2c3eabf6b2995c7676ae14ddf169ee35 (diff)
parent: 6c1ab2001984fb3a61a1c575272306b1d8eabd03 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/routes/index.js b/routes/index.js
index 27116d4..b7e9526 100644
--- a/routes/index.js
+++ b/routes/index.js
@@ -369,7 +369,17 @@ router.get("/game", checkAuthentication(PAGE_ERROR_OUTPUT), function(req, res, n
 router.ws("/gameUpdate", checkAuthentication(SOCKET_ERROR_OUTPUT), function(ws, req, next) {
     console.log("Opening socket.");
     ws.on("message", function(message) {
-        var tempCommandList = JSON.parse(message);
+        var tempCommandList;
+        try {
+            tempCommandList = JSON.parse(message);
+        } catch (tempErr) {
+            var tempResult = {
+                success: false,
+                message: "Invalid JSON",
+            };
+            ws.send(JSON.stringify(tempResult));
+            return;
+        }
         if (gameUtils.isInDevelopmentMode) {
             setTimeout(function() {
                 performUpdate(tempCommandList);
author	John Eisenmann <esperantanaso@gmail.com>	2020-05-09 18:40:41 -0400
committer	GitHub <noreply@github.com>	2020-05-09 18:40:41 -0400
commit	1e8cf3afd3e5fad8fdc07d62facf7aa635f3bd13 (patch)
tree	a59d8efb3505915ee80773468f8229819b4b1e7f
parent	67bb7d6a2c3eabf6b2995c7676ae14ddf169ee35 (diff)
parent	6c1ab2001984fb3a61a1c575272306b1d8eabd03 (diff)