From a6434ec47fcfe20386f03bace903eafecd35ee68 Mon Sep 17 00:00:00 2001
From: calzoneman
Date: Thu, 20 Mar 2014 09:17:19 -0500
Subject: [PATCH] Fix #335
---
 lib/channel.js | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/lib/channel.js b/lib/channel.js
index 46884dce..bf3d1324 100644
--- a/lib/channel.js
+++ b/lib/channel.js
@@ -1529,6 +1529,15 @@ Channel.prototype.handleQueue = function (user, data) {
 var type = data.type;
 var link = util.formatLink(id, type);
 
+ /* Kick for this because there's no legitimate way to do this with the
+ UI. Can only be accomplished by manually sending a packet and people
+ abuse it to bypass the addnext permission
+ */
+ if (data.pos !== "next" && data.pos !== "end") {
+ user.kick("Illegal queue packet: pos must be 'next' or 'end'");
+ return;
+ }
+
 // Verify user has the permission to add at the position given
 if (data.pos === "next" && !this.hasPermission(user, "playlistnext")) {
 return;
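Review bot: The block comment above the new `data.pos` check names an "addnext" permission, while the permission test directly below it in the same hunk uses the key `"playlistnext"`, so someone searching for the permission will not land on this guard. I would reword it to `/* pos is client-controlled: only "next" and "end" are accepted, so the playlistnext check below cannot be sidestepped with another value */`. The kick leaves no server-side trace that is visible here; if `user.kick` does not already log, recording the user and the rejected `pos` value before kicking would let moderators notice repeated attempts. handleQueue starts and ends outside this hunk, so whether `data` is type-checked before `data.type` and `data.pos` are read cannot be confirmed from these lines.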