From 27d28090d5024db1e1b38c95ff87bfb5b77c4c89 Mon Sep 17 00:00:00 2001
From: Thomas Basler <thomas@familie-basler.net>
Date: Tue, 20 May 2025 19:44:59 +0200
Subject: [PATCH] Fix: Dont allow HA base topic without trailing slash

---
 include/WebApi_errors.h    | 1 +
 lang/el.lang.json          | 1 +
 lang/es.lang.json          | 1 +
 lang/it.lang.json          | 1 +
 lang/pl.lang.json          | 1 +
 src/WebApi_mqtt.cpp        | 7 +++++++
 webapp/src/locales/de.json | 1 +
 webapp/src/locales/en.json | 1 +
 webapp/src/locales/fr.json | 1 +
 9 files changed, 15 insertions(+)

diff --git a/include/WebApi_errors.h b/include/WebApi_errors.h
index de74b976..84873c19 100644
--- a/include/WebApi_errors.h
+++ b/include/WebApi_errors.h
@@ -63,6 +63,7 @@ enum WebApiError {
     MqttHassTopicCharacter,
     MqttLwtQos,
     MqttClientIdLength,
+    MqttHassTopicTrailingSlash,
 
     NetworkBase = 8000,
     NetworkIpInvalid,
diff --git a/lang/el.lang.json b/lang/el.lang.json
index 3560f57a..37872c91 100644
--- a/lang/el.lang.json
+++ b/lang/el.lang.json
@@ -113,6 +113,7 @@
             "7015": "Το θέμα Hass δεν πρέπει να περιέχει χαρακτήρες διαστήματος!",
             "7016": "Το LWT QOS δεν πρέπει να είναι μεγαλύτερο από το {max}!",
             "7017": "Το αναγνωριστικό πελάτη δεν πρέπει να υπερβαίνει τους {max} χαρακτήρες!",
+            "7018": "Hass topic must end with slash (/)!",
             "8001": "Η διεύθυνση IP δεν είναι έγκυρη!",
             "8002": "Η μάσκα δικτύου δεν είναι έγκυρη!",
             "8003": "Η πύλη δεν είναι έγκυρη!",
diff --git a/lang/es.lang.json b/lang/es.lang.json
index f79ff997..103add76 100644
--- a/lang/es.lang.json
+++ b/lang/es.lang.json
@@ -113,6 +113,7 @@
             "7015": "¡El tema Hass no debe contener caracteres de espacio!",
             "7016": "¡La QoS LWT no debe ser mayor que {max}!",
             "7017": "Client ID must not longer then {max} characters!",
+            "7018": "Hass topic must end with slash (/)!",
             "8001": "¡La dirección IP no es válida!",
             "8002": "¡La máscara de red no es válida!",
             "8003": "¡El gateway no es válido!",
diff --git a/lang/it.lang.json b/lang/it.lang.json
index c3d0872a..572b6cca 100644
--- a/lang/it.lang.json
+++ b/lang/it.lang.json
@@ -113,6 +113,7 @@
             "7015": "Hass topic must not contain space characters!",
             "7016": "LWT QOS must not greater then {max}!",
             "7017": "Client ID must not longer then {max} characters!",
+            "7018": "Hass topic must end with slash (/)!",
             "8001": "IP address is invalid!",
             "8002": "Netmask is invalid!",
             "8003": "Gateway is invalid!",
diff --git a/lang/pl.lang.json b/lang/pl.lang.json
index 6aad45d8..8148ec9d 100644
--- a/lang/pl.lang.json
+++ b/lang/pl.lang.json
@@ -113,6 +113,7 @@
             "7015": "Temat Hass nie może zawierać spacji!",
             "7016": "LWT QOS nie może być większy niż {max}!",
             "7017": "Identyfikator klienta nie może być dłuższy niż {max} znaków!",
+            "7018": "Hass topic must end with slash (/)!",
             "8001": "Adres IP jest nieprawidłowy!!",
             "8002": "Maska sieci jest nieprawidłowa!",
             "8003": "Brama jest nieprawidłowa!",
diff --git a/src/WebApi_mqtt.cpp b/src/WebApi_mqtt.cpp
index 7558110e..df191644 100644
--- a/src/WebApi_mqtt.cpp
+++ b/src/WebApi_mqtt.cpp
@@ -268,6 +268,13 @@ void WebApiMqttClass::onMqttAdminPost(AsyncWebServerRequest* request)
                 WebApi.sendJsonResponse(request, response, __FUNCTION__, __LINE__);
                 return;
             }
+
+            if (!root["mqtt_hass_topic"].as<String>().endsWith("/")) {
+                retMsg["message"] = "Hass topic must end with a slash (/)!";
+                retMsg["code"] = WebApiError::MqttHassTopicTrailingSlash;
+                WebApi.sendJsonResponse(request, response, __FUNCTION__, __LINE__);
+                return;
+            }
         }
     }
 
diff --git a/webapp/src/locales/de.json b/webapp/src/locales/de.json
index 1bbb3f0a..bb6751b8 100644
--- a/webapp/src/locales/de.json
+++ b/webapp/src/locales/de.json
@@ -98,6 +98,7 @@
         "7015": "Hass-Topic darf keine Leerzeichen enthalten!",
         "7016": "LWT QoS darf nicht größer als {max} sein!",
         "7017": "Client ID darf nicht länger als {max} Zeichen sein!",
+        "7018": "Hass-Topic muss mit einem Slash (/) enden!",
         "8001": "IP-Adresse ist ungültig!",
         "8002": "Netzmaske ist ungültig!",
         "8003": "Standardgateway ist ungültig!",
diff --git a/webapp/src/locales/en.json b/webapp/src/locales/en.json
index 060b6f0d..f705b7e4 100644
--- a/webapp/src/locales/en.json
+++ b/webapp/src/locales/en.json
@@ -98,6 +98,7 @@
         "7015": "Hass topic must not contain space characters!",
         "7016": "LWT QOS must not greater then {max}!",
         "7017": "Client ID must not longer then {max} characters!",
+        "7018": "Hass topic must end with slash (/)!",
         "8001": "IP address is invalid!",
         "8002": "Netmask is invalid!",
         "8003": "Gateway is invalid!",
diff --git a/webapp/src/locales/fr.json b/webapp/src/locales/fr.json
index 58357a24..8735bf80 100644
--- a/webapp/src/locales/fr.json
+++ b/webapp/src/locales/fr.json
@@ -98,6 +98,7 @@
         "7015": "Le sujet Hass ne doit pas contenir d'espace !",
         "7016": "LWT QOS ne doit pas être supérieur à {max}!",
         "7017": "Client ID must not longer then {max} characters!",
+        "7018": "Hass topic must end with slash (/)!",
         "8001": "L'adresse IP n'est pas valide !",
         "8002": "Le masque de réseau n'est pas valide !",
         "8003": "La passerelle n'est pas valide !",