Add further sanitization

middleware/registerMW.js

@@ -36,7 +36,7 @@ module.exports = function () {
 		const domain = req.query.domain;
 
 		const format = /^[a-zA-Z0-9\-]*$/;
-		if (!format.test(domain)) {
+		if (!format.test(domain) || domain == "") {
 			res.locals.statuscode = 400;
 			res.locals.answer = { message: "Domain name must only contain English letters, numbers and dash (-)." };
 			next();

middleware/updateMW.js

@@ -30,6 +30,14 @@ module.exports = function () {
 		const token = req.query.token;
 		const ip = req.query.ip;
 
+		const format = /^[0-9.]*$/;
+		if (!format.test(ip) || ip == "") {
+			res.locals.statuscode = 400;
+			res.locals.answer = { message: "Wrong IP format. Should be IPv4." };
+			next();
+			return;
+		}
+
 		return db.getDomain(token)
 			.catch(() => {
 				res.locals.statuscode = 500;