From bc84faf43968f7c15fd2d9ce55e72d0b2bb1d6c8 Mon Sep 17 00:00:00 2001
From: "plebeius.eth" <mottoes_recap0u@icloud.com>
Date: Wed, 22 May 2024 17:02:45 +0200
Subject: [PATCH] feat(app): return 'not found' for invalid pending comment
 indexes, subplebbit addresses and CIDs

---
 src/app.tsx | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/app.tsx b/src/app.tsx
index c7cf68b9..fcea846f 100644
--- a/src/app.tsx
+++ b/src/app.tsx
@@ -26,13 +26,16 @@ import TopBar from './components/topbar';
 export const sortTypes = ['hot', 'new', 'active', 'controversialAll', 'topAll'];
 
 const CheckRouteParams = () => {
-  let { sortType, timeFilterName, accountCommentIndex } = useParams<{ sortType?: string; timeFilterName?: string; accountCommentIndex?: string }>();
+  const { accountCommentIndex, commentCid, sortType, subplebbitAddress, timeFilterName } = useParams();
 
+  const isValidAccountCommentIndex = !accountCommentIndex || (!isNaN(parseInt(accountCommentIndex)) && parseInt(accountCommentIndex) >= 0);
+  const isValidCommentCid = !commentCid || /^Qm[a-zA-Z0-9]{44}$/.test(commentCid);
+  const isValidSubplebbitAddress = !subplebbitAddress || subplebbitAddress.includes('.') || /^12D3K[a-zA-Z0-9]{44}$/.test(subplebbitAddress);
   const isSortTypeValid = !sortType || sortTypes.includes(sortType);
   const isTimeFilterNameValid = !timeFilterName || timeFilterNames.includes(timeFilterName as any);
   const isAccountCommentIndexValid = !accountCommentIndex || !isNaN(parseInt(accountCommentIndex));
 
-  if (!isSortTypeValid || !isTimeFilterNameValid || !isAccountCommentIndexValid) {
+  if (!isValidAccountCommentIndex || !isValidCommentCid || !isValidSubplebbitAddress || !isSortTypeValid || !isTimeFilterNameValid || !isAccountCommentIndexValid) {
     return <NotFound />;
   }