From 5fb7d530187235ae723010a20c2aa3a45282ab4c Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Tue, 9 Apr 2024 12:31:10 +0200
Subject: [PATCH] backups: encryptedFilenames and mountOptions are validated at
 provider level

---
 src/routes/backups.js | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/routes/backups.js b/src/routes/backups.js
index 7b3927897..9d48b2362 100644
--- a/src/routes/backups.js
+++ b/src/routes/backups.js
@@ -122,15 +122,13 @@ async function setLimits(req, res, next) {
 async function setStorage(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
 
+    // provider specific options are validated by provider backends
     if (typeof req.body.provider !== 'string') return next(new HttpError(400, 'provider is required'));
+    if (typeof req.body.format !== 'string') return next(new HttpError(400, 'format must be a string'));
+
     if ('password' in req.body && typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be a string'));
     if ('encryptedFilenames' in req.body && typeof req.body.encryptedFilenames !== 'boolean') return next(new HttpError(400, 'encryptedFilenames must be a boolean'));
 
-    if (typeof req.body.format !== 'string') return next(new HttpError(400, 'format must be a string'));
-    if ('acceptSelfSignedCerts' in req.body && typeof req.body.acceptSelfSignedCerts !== 'boolean') return next(new HttpError(400, 'acceptSelfSignedCerts must be a boolean'));
-
-    if ('mountOptions' in req.body && typeof req.body.mountOptions !== 'object') return next(new HttpError(400, 'mountOptions must be a object'));
-
     // testing the backup using put/del takes a bit of time at times
     req.clearTimeout();