diff options
| author | Omar Roth <omarroth@hotmail.com> | 2018-11-03 11:52:33 -0500 |
|---|---|---|
| committer | Omar Roth <omarroth@hotmail.com> | 2018-11-03 11:52:33 -0500 |
| commit | 7e558c5b1d78d748faa9e736369314272cd3f107 (patch) | |
| tree | 0d6cbaa2b9b7c478247585c0645856fe534ccf0c /src | |
| parent | 19632511d5ed1a38c32929d5dcb01edcd014e291 (diff) | |
| download | invidious-7e558c5b1d78d748faa9e736369314272cd3f107.tar.gz invidious-7e558c5b1d78d748faa9e736369314272cd3f107.tar.bz2 invidious-7e558c5b1d78d748faa9e736369314272cd3f107.zip | |
Add error messages for invalid password sizes
Diffstat (limited to 'src')
| -rw-r--r-- | src/invidious.cr | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/invidious.cr b/src/invidious.cr index 2924c894..2c26e24b 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -803,6 +803,17 @@ post "/login" do |env| next templated "error" end + if password.empty? + error_message = "Password cannot be empty" + next templated "error" + end + + # See https://security.stackexchange.com/a/39851 + if password.size > 55 + error_message = "Password cannot be longer than 55 characters" + next templated "error" + end + if !challenge_response || !token error_message = "CAPTCHA is a required field" next templated "error" |