From 317f044e70930496dacb0a768ff463c7ee3935d6 Mon Sep 17 00:00:00 2001
From: Will Browne <wbrowne@users.noreply.github.com>
Date: Wed, 1 Feb 2023 16:37:08 +0100
Subject: [PATCH] Plugins: Ensure proxy route bodies are valid JSON (#61771)

ensure proxy route bodies are valid JSON
---
 pkg/api/pluginproxy/utils.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pkg/api/pluginproxy/utils.go b/pkg/api/pluginproxy/utils.go
index 0ad7669bcc5..888e3bb6e8f 100644
--- a/pkg/api/pluginproxy/utils.go
+++ b/pkg/api/pluginproxy/utils.go
@@ -2,6 +2,8 @@ package pluginproxy
 
 import (
 	"bytes"
+	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -77,6 +79,10 @@ func setBodyContent(req *http.Request, route *plugins.Route, data templateData)
 			return err
 		}
 
+		if !json.Valid([]byte(interpolatedBody)) {
+			return errors.New("body is not valid JSON")
+		}
+
 		req.Body = io.NopCloser(strings.NewReader(interpolatedBody))
 		req.ContentLength = int64(len(interpolatedBody))
 	}