Skip to content

[WIP] Raw User Input: /project/metadata route#318

Closed
Copilot wants to merge 1 commit into
mainfrom
copilot/fix-314
Closed

[WIP] Raw User Input: /project/metadata route#318
Copilot wants to merge 1 commit into
mainfrom
copilot/fix-314

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Sep 12, 2025

Thanks for assigning this issue to me. I'm starting to work on it and will keep this PR's description up to date as I form a plan and make progress.

Original issue description:

This work has already been started in the pull request #316. Please use the existing branch in that pull request to do the work.

/project/metadataRouter.js has the following registered endpoint.

.put(auth0Middleware(), async (req, res) => { ... })

The data provided in the request body was from direct typed user input. It may be malicious, or at least suspicious.

Add the middleware found in/utilities/checkIfSuspicious.js to the route in order to protect it. No new files should be generated as a result of this work.

Fixes #314.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot stopped work on behalf of thehabes due to an error September 12, 2025 17:52
The session was cancelled by the user.
Copilot AI requested a review from thehabes September 12, 2025 17:52
@thehabes thehabes closed this Sep 12, 2025
@thehabes thehabes deleted the copilot/fix-314 branch October 6, 2025 14:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thehabes thehabes Awaiting requested review from thehabes

Assignees

@thehabes thehabes

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Raw User Input: /project/metadata route

2 participants

@thehabes