mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-24 08:57:03 -05:00
Cap max size of federated repo list at 2048 bytes
This commit is contained in:
parent
6055b4fca0
commit
f327c0da24
2 changed files with 10 additions and 1 deletions
|
@ -157,6 +157,10 @@ func IsValidFederatedRepoURLList(urls string) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func IsOfValidLength(str string) bool {
|
||||||
|
return len(str) <= 2048
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
validUsernamePatternWithDots = regexp.MustCompile(`^[\da-zA-Z][-.\w]*$`)
|
validUsernamePatternWithDots = regexp.MustCompile(`^[\da-zA-Z][-.\w]*$`)
|
||||||
validUsernamePatternWithoutDots = regexp.MustCompile(`^[\da-zA-Z][-\w]*$`)
|
validUsernamePatternWithoutDots = regexp.MustCompile(`^[\da-zA-Z][-\w]*$`)
|
||||||
|
|
|
@ -197,6 +197,11 @@ func SettingsPost(ctx *context.Context) {
|
||||||
case form.FederationRepos == "":
|
case form.FederationRepos == "":
|
||||||
repo.FederationRepos = ""
|
repo.FederationRepos = ""
|
||||||
// Validate
|
// Validate
|
||||||
|
case !validation.IsOfValidLength(form.FederationRepos): // ToDo: Use for public testing only. In production we might need longer strings.
|
||||||
|
ctx.Data["ERR_FederationRepos"] = true
|
||||||
|
ctx.Flash.Error("The given string was larger than 2048 bytes")
|
||||||
|
ctx.Redirect(repo.Link() + "/settings")
|
||||||
|
return
|
||||||
case validation.IsValidFederatedRepoURL(form.FederationRepos):
|
case validation.IsValidFederatedRepoURL(form.FederationRepos):
|
||||||
repo.FederationRepos = form.FederationRepos
|
repo.FederationRepos = form.FederationRepos
|
||||||
default:
|
default:
|
||||||
|
@ -205,7 +210,7 @@ func SettingsPost(ctx *context.Context) {
|
||||||
ctx.Redirect(repo.Link() + "/settings")
|
ctx.Redirect(repo.Link() + "/settings")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// ToDo: Validate for max length before committing to db
|
|
||||||
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
|
if err := repo_service.UpdateRepository(ctx, repo, false); err != nil {
|
||||||
ctx.ServerError("UpdateRepository", err)
|
ctx.ServerError("UpdateRepository", err)
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in a new issue