Update copi.owasp.org/lib/copi_web/controllers/api_controller.ex

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: immortal71

copi.owasp.org/lib/copi_web/controllers/api_controller.ex

@@ -25,11 +25,14 @@ defmodule CopiWeb.ApiController do
                     {:ok, dealt_card} ->
                       with {:ok, updated_game} <- Game.find(game.id) do
                         CopiWeb.Endpoint.broadcast(topic(game.id), "game:updated", updated_game)
+                        conn |> json(%{"id" => dealt_card.id})
                       else
                         {:error, _reason} ->
-                          conn |> put_status(:internal_server_error) |> json(%{"error" => "Could not find updated game"})
+                          # V16.5.3: Fail securely if the updated game cannot be loaded/broadcast
+                          conn
+                          |> put_status(:internal_server_error)
+                          |> json(%{"error" => "Could not find updated game"})
                       end
-                      conn |> json(%{"id" => dealt_card.id})
                     {:error, _changeset} ->
                       conn |> put_status(:internal_server_error) |> json(%{"error" => "Could not update dealt card"})
                   end