From 99cc60c8d520bb92cbcb83280206ed9fe3099c72 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 6 Dec 2023 13:57:49 -0500
Subject: [PATCH] fix: add basic sanity-checking to middleware.validateActivity

---
 src/middleware/index.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/middleware/index.js b/src/middleware/index.js
index 1c733c970d..27f07e895b 100644
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@@ -338,5 +338,11 @@ middleware.validateActivity = helpers.try(async (req, res, next) => {
 		return res.sendStatus(400);
 	}
 
+	// Sanity-check payload schema
+	const required = ['type'];
+	if (!required.every(prop => req.body.hasOwnProperty(prop))) {
+		return res.sendStatus(400);
+	}
+
 	next();
 });