From 7caaf7fdc2c8a9f755ed37e2f06a076da5a1efc5 Mon Sep 17 00:00:00 2001 From: Enstrayed <48845980+Enstrayed@users.noreply.github.com> Date: Sat, 11 May 2024 10:57:02 -0700 Subject: [PATCH] bodge to try and patch malformed request bodies in mailjet.js --- routes/mailjet.js | 74 ++++++++++++++++++++++++++--------------------- 1 file changed, 41 insertions(+), 33 deletions(-) diff --git a/routes/mailjet.js b/routes/mailjet.js index bd2c48b..e53f3f1 100644 --- a/routes/mailjet.js +++ b/routes/mailjet.js @@ -14,42 +14,50 @@ app.post("/sendemail", (rreq,rres) => { } else { if (dbRes["content"][rreq.get("Authorization").split("_")[0]] === rreq.get("Authorization").split("_")[1]) { - let message = { - "Messages": [ - { - "From": { - "Email": globalConfig.mailjet.senderAddress, - "Name": globalConfig.mailjet.senderName, - }, - "To": [ - { - "Email": rreq.body.recipient.emailAddr, - "Name": rreq.body.recipient.emailName, - } - ], - - "Subject": rreq.body.message.subject, - "TextPart": rreq.body.message.content, + // 2024-05-11: Turbo bodge check to make sure request JSON is valid, probably wont work but whatever + if (rreq.body == undefined || rreq.body.recipient == undefined) { + console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 400 KEY:${rreq.get("Authorization").split("_")[1]}`) + rres.sendStatus(400) + } else { + + let message = { + "Messages": [ + { + "From": { + "Email": globalConfig.mailjet.senderAddress, + "Name": globalConfig.mailjet.senderName, + }, + "To": [ + { + "Email": rreq.body.recipient, + } + ], + + "Subject": rreq.body.subject || "Request did not include a subject.", + "TextPart": rreq.body.message || "Request did not include a message.", + } + ] + } + + fetch("https://api.mailjet.com/v3.1/send", { + method: "POST", + headers: { + "Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`, + "Content-Type": "application/json" + }, + body: JSON.stringify(message) + }).then(fetchRes => { + if (fetchRes.status == 200) { + console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization").split("_")[1]}`) + rres.sendStatus(200) + } else { + console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`) + rres.sendStatus(500) } - ] + }) } - fetch("https://api.mailjet.com/v3.1/send", { - method: "POST", - headers: { - "Authorization": `Basic ${btoa(globalConfig.mailjet.apiKey)}`, - "Content-Type": "application/json" - }, - body: JSON.stringify(message) - }).then(fetchRes => { - if (fetchRes.status == 200) { - console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 200 KEY:${rreq.get("Authorization")}`) - rres.sendStatus(200) - } else { - console.log(`Mailjet Fetch returned result other than OK: ${fetchRes.status} ${fetchRes.statusText}`) - rres.sendStatus(500) - } - }) + } else { console.log(`${rreq.get("cf-connecting-ip")} POST /sendemail returned 401`) // log ip of unauthorized requests