X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=src%2FPVE%2FRESTHandler.pm;h=87a2c189460adb25d0dd694c43c35be87f4a7b45;hp=ad0f929862731923b1cee594e1d15330c21aa0e9;hb=1068aeb3988b7ef080bd812bb1fa330c27e1b9f7;hpb=a1609259d31d9bfbf8a7558bfcd8354f89a73a23

diff --git a/src/PVE/RESTHandler.pm b/src/PVE/RESTHandler.pm
index ad0f929..87a2c18 100644
--- a/src/PVE/RESTHandler.pm
+++ b/src/PVE/RESTHandler.pm
@@ -386,16 +386,18 @@ sub handle {
 	# warn "validate ". Dumper($param}) . "\n" . Dumper($schema);
 	PVE::JSONSchema::validate($param, $schema);
 	# untaint data (already validated)
+	my $extra = delete $param->{'extra-args'};
 	while (my ($key, $val) = each %$param) {
 	    ($param->{$key}) = $val =~ /^(.*)$/s;
 	}
+	$param->{'extra-args'} = [map { /^(.*)$/ } @$extra] if $extra;
     }
 
     my $result = &$func($param); 
 
     # todo: this is only to be safe - disable?
     if (my $schema = $info->{returns}) {
-	PVE::JSONSchema::validate($result, $schema, "Result verification vailed\n");
+	PVE::JSONSchema::validate($result, $schema, "Result verification failed\n");
     }
 
     return $result;