mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-10 23:52:16 +01:00
Cap max size of federated repo list at 2048 bytes
This commit is contained in:
parent
6055b4fca0
commit
f327c0da24
2 changed files with 10 additions and 1 deletions
|
@ -157,6 +157,10 @@ func IsValidFederatedRepoURLList(urls string) bool {
|
|||
return true
|
||||
}
|
||||
|
||||
func IsOfValidLength(str string) bool {
|
||||
return len(str) <= 2048
|
||||
}
|
||||
|
||||
var (
|
||||
validUsernamePatternWithDots = regexp.MustCompile(`^[\da-zA-Z][-.\w]*$`)
|
||||
validUsernamePatternWithoutDots = regexp.MustCompile(`^[\da-zA-Z][-\w]*$`)
|
||||
|
|
|
@ -197,6 +197,11 @@ func SettingsPost(ctx *context.Context) {
|
|||
case form.FederationRepos == "":
|
||||
repo.FederationRepos = ""
|
||||
// Validate
|
||||
case !validation.IsOfValidLength(form.FederationRepos): // ToDo: Use for public testing only. In production we might need longer strings.
|
||||
ctx.Data["ERR_FederationRepos"] = true
|
||||
ctx.Flash.Error("The given string was larger than 2048 bytes")
|
||||
ctx.Redirect(repo.Link() + "/settings")
|
||||
return
|
||||
case validation.IsValidFederatedRepoURL(form.FederationRepos):
|
||||
repo.FederationRepos = form.FederationRepos
|
||||
default:
|
||||
|
@ -205,7 +210,7 @@ func SettingsPost(ctx *context.Context) {
|
|||
ctx.Redirect(repo.Link() + "/settings")
|
||||
return
|
||||
}
|
||||
// ToDo: Validate for max length before committing to db
|
||||
|
||||
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
|
||||
ctx.ServerError("UpdateRepository", err)
|
||||
return
|
||||
|
|
Loading…
Reference in a new issue