Updates for SSRF

Author: GeekTrainer

src/components/Form.js

@@ -22,8 +22,12 @@ const Form = ({ formId, petForm, forNewPet = true }) => {
 
   /* The PUT method edits an existing entry in the mongodb database. */
   const putData = async (form) => {
-    const { id } = router.query
+    const id = parseInt(router.query.id, 10);
 
+    if(!id || isNaN(id) || id < 1) {
+      setMessage('Pet ID is not a number');
+      return;
+    }
     try {
       const res = await fetch(`/api/pets/${id}`, {
         method: 'PUT',

src/pages/[id]/index.js

@@ -9,7 +9,12 @@ const PetPage = ({ pet }) => {
   const router = useRouter()
   const [message, setMessage] = useState('')
   const handleDelete = async () => {
-    const petID = router.query.id
+    const petID = parseInt(router.query.id, 10);
+
+    if(!petID || isNaN(petID) || petID < 1) {
+      setMessage('Pet ID is not a number');
+      return;
+    }
 
     try {
       await fetch(`/api/pets/${petID}`, {