increase hole css limit to 20000 too

files/classes/hole.py

@@ -3,7 +3,7 @@ import time
 
 from sqlalchemy import Column
 from sqlalchemy.ext.mutable import MutableList
-from sqlalchemy.orm import relationship
+from sqlalchemy.orm import relationship, deferred
 from sqlalchemy.types import VARCHAR, Boolean, Integer
 from sqlalchemy.dialects.postgresql import ARRAY
 
@@ -21,7 +21,7 @@ class Hole(Base):
 	sidebarurls = Column(MutableList.as_mutable(ARRAY(VARCHAR(HOLE_BANNER_URL_COLUMN_LENGTH))), default=MutableList([]), nullable=False)
 	bannerurls = Column(MutableList.as_mutable(ARRAY(VARCHAR(HOLE_BANNER_URL_COLUMN_LENGTH))), default=MutableList([]), nullable=False)
 	marseyurl = Column(VARCHAR(HOLE_MARSEY_URL_LENGTH))
-	css = Column(VARCHAR(HOLE_CSS_COLUMN_LENGTH))
+	css = deferred(Column(VARCHAR(CSS_LENGTH_LIMIT)))
 	stealth = Column(Boolean)
 	created_utc = Column(Integer)
 

files/helpers/config/const.py

@@ -315,7 +315,6 @@ HOLE_SIDEBAR_COLUMN_LENGTH = 10000
 HOLE_SIDEBAR_HTML_COLUMN_LENGTH = 20000
 HOLE_SIDEBAR_URL_COLUMN_LENGTH = 60
 HOLE_BANNER_URL_COLUMN_LENGTH = 60
-HOLE_CSS_COLUMN_LENGTH = 6000
 HOLE_MARSEY_URL_LENGTH = 60
 
 ################################################################################
@@ -505,7 +504,7 @@ POST_BODY_HTML_LENGTH_LIMIT = 200000 # do not make larger than 200000 without al
 
 COMMENT_BODY_LENGTH_LIMIT = 10000 # do not make larger than 10000 characters without altering the table
 COMMENT_BODY_HTML_LENGTH_LIMIT = 40000 # do not make larger than 20000 characters without altering the table
-CSS_LENGTH_LIMIT = 20000 # do not make larger than 20000 characters without altering the table
+CSS_LENGTH_LIMIT = 20000 # do not make larger than 20000 characters without altering the tables
 COMMENT_MAX_DEPTH = 200
 TRANSFER_MESSAGE_LENGTH_LIMIT = 200 # do not make larger than 10000 characters (comment limit) without altering the table
 MIN_REPOST_CHECK_URL_LENGTH = 9 # also change the constant in checkRepost() of submit.js

files/routes/holes.py

@@ -483,8 +483,8 @@ def post_hole_css(v, hole):
 	if not v.mods(hole.name): abort(403)
 	if v.shadowbanned: abort(400)
 
-	if len(css) > 6000:
-		abort(400, "CSS is too long (max 6000 characters)")
+	if len(css) > CSS_LENGTH_LIMIT:
+		abort(400, f"Hole CSS is too long (max {CSS_LENGTH_LIMIT} characters)")
 
 	valid, error = validate_css(css)
 	if not valid:

files/routes/jinja2.py

@@ -157,5 +157,5 @@ def inject_constants():
 			"CHUD_PHRASES":CHUD_PHRASES, "hasattr":hasattr, "calc_users":calc_users, "HOLE_INACTIVITY_DELETION":HOLE_INACTIVITY_DELETION, "LIGHT_THEMES":LIGHT_THEMES, "OVER_18_EMOJIS":OVER_18_EMOJIS,
 			"MAX_IMAGE_AUDIO_SIZE_MB":MAX_IMAGE_AUDIO_SIZE_MB, "MAX_IMAGE_AUDIO_SIZE_MB_PATRON":MAX_IMAGE_AUDIO_SIZE_MB_PATRON,
 			"MAX_VIDEO_SIZE_MB":MAX_VIDEO_SIZE_MB, "MAX_VIDEO_SIZE_MB_PATRON":MAX_VIDEO_SIZE_MB_PATRON,
-			"CURSORMARSEY_DEFAULT":CURSORMARSEY_DEFAULT, "SNAPPY_ID":SNAPPY_ID, "get_running_orgy":get_running_orgy, "TRUESCORE_MINIMUM":TRUESCORE_MINIMUM, "bar_position":bar_position, "datetime":datetime, "CSS_LENGTH_LIMIT":CSS_LENGTH_LIMIT, "cache":cache, "emoji_count":emoji_count,
+			"CURSORMARSEY_DEFAULT":CURSORMARSEY_DEFAULT, "SNAPPY_ID":SNAPPY_ID, "get_running_orgy":get_running_orgy, "TRUESCORE_MINIMUM":TRUESCORE_MINIMUM, "bar_position":bar_position, "datetime":datetime, "CSS_LENGTH_LIMIT":CSS_LENGTH_LIMIT, "cache":cache, "emoji_count":emoji_count, "HOLE_SIDEBAR_COLUMN_LENGTH":HOLE_SIDEBAR_COLUMN_LENGTH,
 		}

files/routes/settings.py

@@ -647,7 +647,12 @@ def settings_css_get(v):
 def settings_css(v):
 	if v.chud:
 		abort(400, "Chudded users can't edit CSS!")
-	css = request.values.get("css", v.css).strip().replace('\\', '')[:CSS_LENGTH_LIMIT].strip()
+
+	css = request.values.get("css", v.css).strip().replace('\\', '')
+
+	if len(css) > CSS_LENGTH_LIMIT:
+		abort(400, f"CSS is too long (max {CSS_LENGTH_LIMIT} characters)")
+
 	v.css = css
 	g.db.add(v)
 	return {"message": "Custom CSS successfully updated!"}
@@ -659,7 +664,11 @@ def settings_css(v):
 @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
 @auth_required
 def settings_profilecss(v):
-	profilecss = request.values.get("profilecss", v.profilecss).replace('\\', '')[:CSS_LENGTH_LIMIT].strip()
+	profilecss = request.values.get("profilecss", v.profilecss).strip().replace('\\', '')
+
+	if len(profilecss) > CSS_LENGTH_LIMIT:
+		abort(400, f"Profile CSS is too long (max {CSS_LENGTH_LIMIT} characters)")
+
 	valid, error = validate_css(profilecss)
 	if not valid:
 		abort(400, error)

files/templates/hole/settings.html

@@ -96,6 +96,7 @@
 						<form id="sidebar" action="/h/{{hole}}/sidebar" method="post" data-nonce="{{g.nonce}}" data-onsubmit="sendFormXHR(this)">
 							<input hidden name="formkey" value="{{v|formkey}}">
 							<textarea autocomplete="off" maxlength="10000" class="form-control rounded" id="bio-text" placeholder="Enter sidebar here..." rows="10" name="sidebar" form="sidebar">{% if hole.sidebar %}{{hole.sidebar}}{% endif %}</textarea>
+							<small>Limit of {{HOLE_SIDEBAR_COLUMN_LENGTH}} characters</small>
 							<div class="d-flex mt-2">
 								<input autocomplete="off" class="btn btn-primary ml-auto" type="submit" value="Save">
 							</div>
@@ -116,7 +117,8 @@
 					<div class="w-lg-100">
 						<form id="css" action="/h/{{hole}}/css" method="post" data-nonce="{{g.nonce}}" data-onsubmit="sendFormXHR(this)">
 							<input hidden name="formkey" value="{{v|formkey}}">
-							<textarea autocomplete="off" maxlength="6000" class="form-control rounded" id="bio-text" placeholder="Enter css here..." rows="10" name="css" form="css">{% if css %}{{css}}{% endif %}</textarea>
+							<textarea autocomplete="off" maxlength="{{CSS_LENGTH_LIMIT}}" class="form-control rounded" id="bio-text" placeholder="Enter css here..." rows="10" name="css" form="css">{% if css %}{{css}}{% endif %}</textarea>
+							<small>Limit of {{CSS_LENGTH_LIMIT}} characters</small>
 							<div class="d-flex mt-2">
 								<input autocomplete="off" class="btn btn-primary ml-auto" type="submit" value="Save">
 							</div>