From b7d570cf3575602c75be72e993aa37aca8024718 Mon Sep 17 00:00:00 2001 From: Nutomic Date: Thu, 5 Oct 2023 22:39:07 +0200 Subject: [PATCH] Make input length checks consistent with HTML maxlength attribute (#4009) * Make input length checks consistent with HTML maxlength attr (fixes #3688) * ci * Extricating min and max length checks (#4018) * revert string change --------- Co-authored-by: Dessalines --- crates/utils/src/utils/validation.rs | 46 ++++++++++++---------------- 1 file changed, 19 insertions(+), 27 deletions(-) diff --git a/crates/utils/src/utils/validation.rs b/crates/utils/src/utils/validation.rs index f2b8fa2a7..4d8ed8543 100644 --- a/crates/utils/src/utils/validation.rs +++ b/crates/utils/src/utils/validation.rs @@ -130,20 +130,13 @@ pub fn is_valid_post_title(title: &str) -> LemmyResult<()> { /// This could be post bodies, comments, or any description field pub fn is_valid_body_field(body: &Option, post: bool) -> LemmyResult<()> { if let Some(body) = body { - let check = if post { - body.chars().count() <= POST_BODY_MAX_LENGTH + if post { + max_length_check(body, POST_BODY_MAX_LENGTH, LemmyErrorType::InvalidBodyField)?; } else { - body.chars().count() <= BODY_MAX_LENGTH + max_length_check(body, BODY_MAX_LENGTH, LemmyErrorType::InvalidBodyField)?; }; - - if !check { - Err(LemmyErrorType::InvalidBodyField.into()) - } else { - Ok(()) - } - } else { - Ok(()) } + Ok(()) } pub fn is_valid_bio_field(bio: &str) -> LemmyResult<()> { @@ -152,11 +145,10 @@ pub fn is_valid_bio_field(bio: &str) -> LemmyResult<()> { /// Checks the site name length, the limit as defined in the DB. pub fn site_name_length_check(name: &str) -> LemmyResult<()> { - min_max_length_check( + min_length_check(name, SITE_NAME_MIN_LENGTH, LemmyErrorType::SiteNameRequired)?; + max_length_check( name, - SITE_NAME_MIN_LENGTH, SITE_NAME_MAX_LENGTH, - LemmyErrorType::SiteNameRequired, LemmyErrorType::SiteNameLengthOverflow, ) } @@ -170,24 +162,24 @@ pub fn site_description_length_check(description: &str) -> LemmyResult<()> { ) } -fn max_length_check(item: &str, max_length: usize, error_type: LemmyErrorType) -> LemmyResult<()> { - if item.len() > max_length { - Err(error_type.into()) +/// Check minumum and maximum length of input string. If the string is too short or too long, the +/// corresponding error is returned. +/// +/// HTML frontends specify maximum input length using `maxlength` attribute. +/// For consistency we use the same counting method (UTF-16 code units). +/// https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/maxlength +fn max_length_check(item: &str, max_length: usize, max_msg: LemmyErrorType) -> LemmyResult<()> { + let len = item.encode_utf16().count(); + if len > max_length { + Err(max_msg.into()) } else { Ok(()) } } -fn min_max_length_check( - item: &str, - min_length: usize, - max_length: usize, - min_msg: LemmyErrorType, - max_msg: LemmyErrorType, -) -> LemmyResult<()> { - if item.len() > max_length { - Err(max_msg.into()) - } else if item.len() < min_length { +fn min_length_check(item: &str, min_length: usize, min_msg: LemmyErrorType) -> LemmyResult<()> { + let len = item.encode_utf16().count(); + if len < min_length { Err(min_msg.into()) } else { Ok(())