diff options
author | cel <cel@f/6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=.ed25519> | 2017-10-17 10:20:48 -1000 |
---|---|---|
committer | cel <cel@f/6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=.ed25519> | 2017-10-17 10:20:48 -1000 |
commit | 8440eb927f93ded7f18ab38dbd0d6005785ee076 (patch) | |
tree | ea40cb8c105e5dda06f944c5044feba3e94bc4b3 /lib | |
parent | 93cedb4dbe760934ac0138bd9f087079662060b8 (diff) | |
download | patchfoo-8440eb927f93ded7f18ab38dbd0d6005785ee076.tar.gz patchfoo-8440eb927f93ded7f18ab38dbd0d6005785ee076.zip |
Sanitize limit values
Diffstat (limited to 'lib')
-rw-r--r-- | lib/app.js | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -354,12 +354,13 @@ App.prototype.createLogStream = function (opts) { App.prototype.createFeedStream = function (opts) { // work around opts.gt being treated as opts.gte sometimes + var limit = Number(opts.limit) if (opts.gt && opts.limit && !opts.reverse) return pull( this.sbot.createFeedStream(u.mergeOpts(opts, {limit: opts.limit + 1})), pull.filter(function (msg) { return msg && msg.value.timestamp !== opts.gt }), - opts.limit && pull.take(opts.limit) + limit && pull.take(limit) ) return this.sbot.createFeedStream(opts) } @@ -551,6 +552,7 @@ App.prototype.streamEmojis = function () { App.prototype.filter = function (plugin, opts, filter) { // work around flumeview-query not picking the best index. // %b+QdyLFQ21UGYwvV3AiD8FEr7mKlB8w9xx3h8WzSUb0=.sha256 + var limit = Number(opts.limit) var index if (plugin === this.sbot.backlinks) { var c = filter && filter.value && filter.value.content @@ -563,7 +565,7 @@ App.prototype.filter = function (plugin, opts, filter) { plugin.read({ index: index, reverse: opts.reverse, - limit: opts.limit && (opts.limit + 1), + limit: limit && (limit + 1), query: [{$filter: u.mergeOpts(filter, { timestamp: { $gte: opts.gt, @@ -574,7 +576,7 @@ App.prototype.filter = function (plugin, opts, filter) { pull.filter(function (msg) { return msg && msg.timestamp !== opts.lt && msg.timestamp !== opts.gt }), - opts.limit && pull.take(opts.limit) + limit && pull.take(limit) ) } |