Diffstat (limited to 'src')
-rw-r--r--src/invidious.cr11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/invidious.cr b/src/invidious.cr
index 2924c894..2c26e24b 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -803,6 +803,17 @@ post "/login" do |env|
next templated "error"
end
+ if password.empty?
+ error_message = "Password cannot be empty"
+ next templated "error"
+ end
+
+ # See https://security.stackexchange.com/a/39851
+ if password.size > 55
+ error_message = "Password cannot be longer than 55 characters"
+ next templated "error"
+ end
+
if !challenge_response || !token
error_message = "CAPTCHA is a required field"
next templated "error"
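Review bot: The new length guard `if password.size > 55` counts characters, not bytes, while the limit it cites from the linked answer is presumably the hash function's input bound, which is measured in bytes. In Crystal `String#size` returns the number of Unicode characters, so a 55-character password made of multibyte UTF-8 characters passes the check while being far longer than 55 bytes, and the excess may be silently ignored when hashing. Comparing bytes closes that gap: `if password.bytesize > 55`, with the message changed to say bytes. Separately, if this `post "/login"` path also serves sign-in for existing accounts (the handler continues outside the hunk, so this is not visible here), rejecting rather than truncating would lock out users who registered with longer passwords.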