ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Properly validate hex colors

Browse Source 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
2020-09-01 14:10:42 +02:00
parent 341a9628e9
commit c2a4f946b4
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/DAV/Calendar.php
View File

@@ -30,6 +30,7 @@ use Sabre\CalDAV\Xml\Property\SupportedCalendarComponentSet;
use Sabre\DAV\Exception\Forbidden;
use Sabre\DAV\Exception\NotFound;
use Sabre\DAV\PropPatch;
use Sabre\VObject\InvalidDataException;
class Calendar extends ExternalCalendar {
@@ -164,7 +165,11 @@ class Calendar extends ExternalCalendar {
$this->board->setTitle($value);
break;
case '{http://apple.com/ns/ical/}calendar-color':
$this->board->setColor(substr($value, 1));
$color = substr($value, 1, 6);
if (!preg_match('/[a-f0-9]{6}/i', $color)) {
throw new InvalidDataException('No valid color provided');
}
$this->board->setColor($color);
break;
}
}