Added basic string sanitization to ApiMediaController

2 files changed, 9 insertions, 3 deletions

diff --git a/Controllers/ApiMediaController.cs b/Controllers/ApiMediaController.cs
index a1b07b1..58fd043 100644
--- a/Controllers/ApiMediaController.cs
+++ b/Controllers/ApiMediaController.cs
@@ -1,5 +1,6 @@
 using HyperBooru.ApiModels;
 using HyperBooru.Services;
+using HyperBooru.Util;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
@@ -54,8 +55,8 @@ public class ApiMediaController : Controller {
         if(media is null)
             return NotFound();
 
-        media.ShortDescription = updatedMedia.ShortDescription;
-        media.LongDescription  = updatedMedia.LongDescription;
+        media.ShortDescription = updatedMedia.ShortDescription.NullIfEmpty();
+        media.LongDescription  = updatedMedia.LongDescription.NullIfEmpty();
 
         await db.SaveChangesAsync();
         await transaction.CommitAsync();
@@ -87,7 +88,7 @@ public class ApiMediaController : Controller {
             metadata?.LastAccessTime,
             metadata?.LastWriteTime,
             metadata?.CreateTime,
-            metadata?.Path,
+            metadata?.Path.NullIfEmpty(),
             metadata?.PathType,
             metadata?.Tags);
 
diff --git a/Util.cs b/Util.cs
index 6af6c81..7de2b6e 100644
--- a/Util.cs
+++ b/Util.cs
@@ -5,6 +5,11 @@ public static class Extensions {
         "K", "M", "G", "T", "P", "E", "Z", "Y", "R", "Q"
     };
 
+    public static string? NullIfEmpty(this string s) {
+      s = s.Trim();
+      return string.IsNullOrEmpty(s) ? null : s;
+    }
+
     public static DateTime? TryParseDateTimeUtc(this string s) {
         bool success = DateTime.TryParse(s, out var dateTime);
         return success ? DateTime.SpecifyKind(dateTime, DateTimeKind.Utc) : null;