RageStudio/comty
1
0
Fork 0
mirror of https://github.com/ragestudio/comty.git synced 2025-06-10 02:54:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

implement MaxStringLenghts

Browse Source
This commit is contained in:
srgooglo 2022-05-31 21:16:53 +02:00
parent ee120f0cd0
commit 5f6a1738e3
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
packages/server/src/controllers/UserController/index.js
View File

@ -12,6 +12,12 @@ const AllowedPublicUpdateFields = [
"description", "description",
] ]
const MaxStringsLengths = {
fullName: 120,
email: 320,
description: 2000,
}
export default class UserController extends Controller { export default class UserController extends Controller {
static refName = "UserController" static refName = "UserController"
@ -376,6 +382,14 @@ export default class UserController extends Controller {
AllowedPublicUpdateFields.forEach((key) => { AllowedPublicUpdateFields.forEach((key) => {
if (typeof req.selection.update[key] !== "undefined") { if (typeof req.selection.update[key] !== "undefined") {
// sanitize update
// check maximung strings length
if (typeof req.selection.update[key] === "string" && MaxStringsLengths[key]) {
if (req.selection.update[key].length > MaxStringsLengths[key]) {
return res.status(400).json({ error: `${key} is too long` })
}
}
update[key] = req.selection.update[key] update[key] = req.selection.update[key]
} }
}) })