Make input length checks consistent with HTML maxlength attribute (#4009)

* Make input length checks consistent with HTML maxlength attr (fixes #3688)

* ci

* Extricating min and max length checks (#4018)

* revert string change

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
This commit is contained in:
Nutomic 2023-10-05 22:39:07 +02:00 committed by GitHub
parent a5b8583aab
commit b7d570cf35
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -130,21 +130,14 @@ pub fn is_valid_post_title(title: &str) -> LemmyResult<()> {
/// This could be post bodies, comments, or any description field /// This could be post bodies, comments, or any description field
pub fn is_valid_body_field(body: &Option<String>, post: bool) -> LemmyResult<()> { pub fn is_valid_body_field(body: &Option<String>, post: bool) -> LemmyResult<()> {
if let Some(body) = body { if let Some(body) = body {
let check = if post { if post {
body.chars().count() <= POST_BODY_MAX_LENGTH max_length_check(body, POST_BODY_MAX_LENGTH, LemmyErrorType::InvalidBodyField)?;
} else { } else {
body.chars().count() <= BODY_MAX_LENGTH max_length_check(body, BODY_MAX_LENGTH, LemmyErrorType::InvalidBodyField)?;
}; };
if !check {
Err(LemmyErrorType::InvalidBodyField.into())
} else {
Ok(())
} }
} else {
Ok(()) Ok(())
} }
}
pub fn is_valid_bio_field(bio: &str) -> LemmyResult<()> { pub fn is_valid_bio_field(bio: &str) -> LemmyResult<()> {
max_length_check(bio, BIO_MAX_LENGTH, LemmyErrorType::BioLengthOverflow) max_length_check(bio, BIO_MAX_LENGTH, LemmyErrorType::BioLengthOverflow)
@ -152,11 +145,10 @@ pub fn is_valid_bio_field(bio: &str) -> LemmyResult<()> {
/// Checks the site name length, the limit as defined in the DB. /// Checks the site name length, the limit as defined in the DB.
pub fn site_name_length_check(name: &str) -> LemmyResult<()> { pub fn site_name_length_check(name: &str) -> LemmyResult<()> {
min_max_length_check( min_length_check(name, SITE_NAME_MIN_LENGTH, LemmyErrorType::SiteNameRequired)?;
max_length_check(
name, name,
SITE_NAME_MIN_LENGTH,
SITE_NAME_MAX_LENGTH, SITE_NAME_MAX_LENGTH,
LemmyErrorType::SiteNameRequired,
LemmyErrorType::SiteNameLengthOverflow, LemmyErrorType::SiteNameLengthOverflow,
) )
} }
@ -170,24 +162,24 @@ pub fn site_description_length_check(description: &str) -> LemmyResult<()> {
) )
} }
fn max_length_check(item: &str, max_length: usize, error_type: LemmyErrorType) -> LemmyResult<()> { /// Check minumum and maximum length of input string. If the string is too short or too long, the
if item.len() > max_length { /// corresponding error is returned.
Err(error_type.into()) ///
/// HTML frontends specify maximum input length using `maxlength` attribute.
/// For consistency we use the same counting method (UTF-16 code units).
/// https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/maxlength
fn max_length_check(item: &str, max_length: usize, max_msg: LemmyErrorType) -> LemmyResult<()> {
let len = item.encode_utf16().count();
if len > max_length {
Err(max_msg.into())
} else { } else {
Ok(()) Ok(())
} }
} }
fn min_max_length_check( fn min_length_check(item: &str, min_length: usize, min_msg: LemmyErrorType) -> LemmyResult<()> {
item: &str, let len = item.encode_utf16().count();
min_length: usize, if len < min_length {
max_length: usize,
min_msg: LemmyErrorType,
max_msg: LemmyErrorType,
) -> LemmyResult<()> {
if item.len() > max_length {
Err(max_msg.into())
} else if item.len() < min_length {
Err(min_msg.into()) Err(min_msg.into())
} else { } else {
Ok(()) Ok(())