From 1f3423796eee06a126d3cab7c276e2d0f169b869 Mon Sep 17 00:00:00 2001
From: JoramWilander <jwawilander@gmail.com>
Date: Fri, 30 Oct 2015 13:36:51 -0400
Subject: Validate callback urls on the server and add help text to outgoing
 webhooks

---
 model/outgoing_webhook.go | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'model/outgoing_webhook.go')

diff --git a/model/outgoing_webhook.go b/model/outgoing_webhook.go
index 8958dd5b0..9a1b89a85 100644
--- a/model/outgoing_webhook.go
+++ b/model/outgoing_webhook.go
@@ -100,6 +100,12 @@ func (o *OutgoingWebhook) IsValid() *AppError {
 		return NewAppError("OutgoingWebhook.IsValid", "Invalid callback urls", "")
 	}
 
+	for _, callback := range o.CallbackURLs {
+		if !IsValidHttpUrl(callback) {
+			return NewAppError("OutgoingWebhook.IsValid", "Invalid callback URLs. Each must be a valid URL and start with http:// or https://", "")
+		}
+	}
+
 	return nil
 }
 
-- 
cgit v1.2.3-1-g7c22