From 1797e11b4370891e943429f5ab7dbb09ab117c89 Mon Sep 17 00:00:00 2001
From: Calvin Montgomery
Date: Sun, 14 Jan 2018 15:15:59 -0800
Subject: [PATCH] Sanitize google drive IDs to remove URL hash etc.
---
 package.json | 2 +-
 src/get-info.js | 5 +++++
 www/js/util.js | 4 ++--
 3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/package.json b/package.json
index 6194bf28..d4e22b11 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
 "author": "Calvin Montgomery",
 "name": "CyTube",
 "description": "Online media synchronizer and chat",
- "version": "3.52.1",
+ "version": "3.52.2",
 "repository": {
 "url": "http://github.com/calzoneman/sync"
 },
diff --git a/src/get-info.js b/src/get-info.js
index f104fb03..642c4a19 100644
--- a/src/get-info.js
+++ b/src/get-info.js
@@ -467,6 +467,11 @@ var Getters = {
 /* google docs */
 gd: function (id, callback) {
+ if (!/^[a-zA-Z0-9_-]+$/.test(id)) {
+ callback("Invalid ID: " + id);
+ return;
+ }
+
 var data = {
 type: "googledrive",
 kind: "single",
diff --git a/www/js/util.js b/www/js/util.js
index 36c2d353..76cd7e9f 100644
--- a/www/js/util.js
+++ b/www/js/util.js
@@ -1368,8 +1368,8 @@ function parseMediaLink(url) {
 };
 }
- if ((m = url.match(/(?:docs|drive)\.google\.com\/file\/d\/([^\/]*)/)) ||
- (m = url.match(/drive\.google\.com\/open\?id=([^&]*)/))) {
+ if ((m = url.match(/(?:docs|drive)\.google\.com\/file\/d\/([a-zA-Z0-9_-]+)/)) ||
+ (m = url.match(/drive\.google\.com\/open\?id=([a-zA-Z0-9_-]+)/))) {
 return {
 id: m[1],
 type: "gd"
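Review bot: The new guard in `gd` calls `.test(id)` without checking the type, and `RegExp.prototype.test` stringifies its argument, so `undefined`, `null` or a one-element array such as `["abc"]` pass the check and continue as a non-string `id`. Prefer `if (typeof id !== "string" || !/^[a-zA-Z0-9_-]+$/.test(id)) {`. The rejection path also echoes the rejected value through `callback("Invalid ID: " + id)`; that value is arbitrary user input of unbounded length, so a fixed message such as `callback("Invalid Google Drive ID");` is safer unless every consumer of the error escapes and truncates it, which is not visible here. The body of `gd` continues past the end of the hunk.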
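Review bot: The ID character class `[a-zA-Z0-9_-]+` is now written out twice in `parseMediaLink` and a third time in the server-side check in `src/get-info.js`, with nothing tying the copies together; if one is widened later, the client will produce IDs the server rejects, or the reverse. A comment above the `if`, for example `// ID charset must match the check in Getters.gd (src/get-info.js); this parse is a convenience, the server check is the validation`, would record both the coupling and the fact that this browser-side code is not the enforcement point. `parseMediaLink` starts and ends outside the hunk.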