From 5b9dc88c674593a99d77d9fd7d0ae23485d39b22 Mon Sep 17 00:00:00 2001 From: Son NK <> Date: Wed, 18 Nov 2020 10:38:35 +0100 Subject: [PATCH] make sure alias prefix cannot be more than 40 chars --- app/alias_utils.py | 3 +++ app/api/views/new_custom_alias.py | 2 +- app/dashboard/templates/dashboard/custom_alias.html | 2 ++ app/dashboard/views/custom_alias.py | 2 +- app/oauth/templates/oauth/authorize.html | 1 + app/oauth/views/authorize.py | 2 +- tests/test_alias_utils.py | 1 + 7 files changed, 10 insertions(+), 3 deletions(-) diff --git a/app/alias_utils.py b/app/alias_utils.py index d05d70ad..0b24eafd 100644 --- a/app/alias_utils.py +++ b/app/alias_utils.py @@ -215,6 +215,9 @@ _ALIAS_PREFIX_PATTERN = r"[0-9a-z-_]{1,}" def check_alias_prefix(alias_prefix) -> bool: + if len(alias_prefix) > 40: + return False + if re.fullmatch(_ALIAS_PREFIX_PATTERN, alias_prefix) is None: return False diff --git a/app/api/views/new_custom_alias.py b/app/api/views/new_custom_alias.py index 8f72d4b5..cf815efb 100644 --- a/app/api/views/new_custom_alias.py +++ b/app/api/views/new_custom_alias.py @@ -238,7 +238,7 @@ def new_custom_alias_v3(): alias_prefix = convert_to_id(alias_prefix) if not check_alias_prefix(alias_prefix): - return jsonify(error="alias prefix format problem"), 400 + return jsonify(error="alias prefix invalid format or too long"), 400 # check if mailbox is not tempered with mailboxes = [] diff --git a/app/dashboard/templates/dashboard/custom_alias.html b/app/dashboard/templates/dashboard/custom_alias.html index 9927d23e..0963b894 100644 --- a/app/dashboard/templates/dashboard/custom_alias.html +++ b/app/dashboard/templates/dashboard/custom_alias.html @@ -32,11 +32,13 @@ id="prefix" type="text" pattern="[0-9a-z-_]{1,}" + maxlength="40" title="Only lowercase letters, numbers, dashes (-) and underscores (_) are currently supported." placeholder="Email alias, for example newsletter-123_xyz" autofocus required>