highperfocused/lnbits
1
0
Fork 0
mirror of https://github.com/lnbits/lnbits.git synced 2025-06-11 09:21:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enforce https on Success URL for lnurlp

Browse Source
This commit is contained in:
Pac 2021-05-28 03:11:42 -03:00 committed by fiatjaf
parent f6a8e96087
commit 036e45d77c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lnbits/extensions/lnurlp/views_api.py
View File

@ -87,6 +87,9 @@ async def api_link_create_or_update(link_id=None):
round(g.data["min"]) != g.data["min"] or round(g.data["max"]) != g.data["max"]
):
return jsonify({"message": "Must use full satoshis."}), HTTPStatus.BAD_REQUEST
if g.data["success_url"][:8] != "https://":
return jsonify({"message": "Success URL must be secure https://..."}), HTTPStatus.BAD_REQUEST
if link_id:
link = await get_pay_link(link_id)