diff options
| author | Shadowghost <Ghost_of_Stone@web.de> | 2026-03-30 09:40:01 +0200 |
|---|---|---|
| committer | Bond_009 <bond.009@outlook.com> | 2026-04-06 11:37:45 +0200 |
| commit | 3c2833e3e8945a119dfd59f53a7bb76ac51c566c (patch) | |
| tree | 92829d62b0f1019a2632a5f9da95e6eecbac2ea6 | |
| parent | 3c9b71e1241237107c260bb84b9221f532ef8105 (diff) | |
Fix GHSA v2jv-54xj-h76w
| -rw-r--r-- | Jellyfin.Api/Controllers/SyncPlayController.cs | 2 | ||||
| -rw-r--r-- | Jellyfin.Api/Models/SyncPlayDtos/NewGroupRequestDto.cs | 3 |
2 files changed, 4 insertions, 1 deletions
diff --git a/Jellyfin.Api/Controllers/SyncPlayController.cs b/Jellyfin.Api/Controllers/SyncPlayController.cs index 3d6874079d..991fb87144 100644 --- a/Jellyfin.Api/Controllers/SyncPlayController.cs +++ b/Jellyfin.Api/Controllers/SyncPlayController.cs @@ -58,7 +58,7 @@ public class SyncPlayController : BaseJellyfinApiController [FromBody, Required] NewGroupRequestDto requestData) { var currentSession = await RequestHelpers.GetSession(_sessionManager, _userManager, HttpContext).ConfigureAwait(false); - var syncPlayRequest = new NewGroupRequest(requestData.GroupName); + var syncPlayRequest = new NewGroupRequest(requestData.GroupName.Trim()); return Ok(_syncPlayManager.NewGroup(currentSession, syncPlayRequest, CancellationToken.None)); } diff --git a/Jellyfin.Api/Models/SyncPlayDtos/NewGroupRequestDto.cs b/Jellyfin.Api/Models/SyncPlayDtos/NewGroupRequestDto.cs index 32a3bb444c..2e1889fed4 100644 --- a/Jellyfin.Api/Models/SyncPlayDtos/NewGroupRequestDto.cs +++ b/Jellyfin.Api/Models/SyncPlayDtos/NewGroupRequestDto.cs @@ -1,3 +1,5 @@ +using System.ComponentModel.DataAnnotations; + namespace Jellyfin.Api.Models.SyncPlayDtos; /// <summary> @@ -17,5 +19,6 @@ public class NewGroupRequestDto /// Gets or sets the group name. /// </summary> /// <value>The name of the new group.</value> + [StringLength(200, ErrorMessage = "Group name must not exceed 200 characters.")] public string GroupName { get; set; } } |