Merge pull request #3783 from weseek/imprv/6066-proxy-url-validation

Imprv/6066 proxy url validation

src/server/routes/apiv3/slack-integration-settings.js

@@ -55,6 +55,10 @@ module.exports = (crowi) => {
       body('currentBotType')
         .isIn(['officialBot', 'customBotWithoutProxy', 'customBotWithProxy']),
     ],
+    proxyUri: [
+      body('proxyUri').if(value => value !== '').trim().matches(/^(https?:\/\/)/)
+        .isURL({ require_tld: false }),
+    ],
     AccessTokens: [
       query('tokenGtoP').trim().not().isEmpty()
         .isString()
@@ -416,7 +420,7 @@ module.exports = (crowi) => {
     }
   });
 
-  router.put('/proxy-uri', loginRequiredStrictly, adminRequired, csrf, async(req, res) => {
+  router.put('/proxy-uri', loginRequiredStrictly, adminRequired, csrf, validator.proxyUri, apiV3FormValidator, async(req, res) => {
     const { proxyUri } = req.body;
 
     const requestParams = { 'slackbot:serverUri': proxyUri };