forked from rDrama/rDrama
fix xss on banning domains (only admins could use it)
parent
465565f26c
commit
512c864327
|
@ -1518,6 +1518,11 @@ def ban_domain(v):
|
||||||
reason=request.values.get("reason", "").strip()
|
reason=request.values.get("reason", "").strip()
|
||||||
if not reason: abort(400, 'Reason is required!')
|
if not reason: abort(400, 'Reason is required!')
|
||||||
|
|
||||||
|
if len(reason) > 100:
|
||||||
|
abort(400, 'Reason is too long (max 100 characters)!')
|
||||||
|
|
||||||
|
reason = filter_emojis_only(reason)
|
||||||
|
|
||||||
if len(reason) > 100:
|
if len(reason) > 100:
|
||||||
abort(400, 'Reason is too long (max 100 characters)!')
|
abort(400, 'Reason is too long (max 100 characters)!')
|
||||||
|
|
||||||
|
|
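Review bot: The added `reason = filter_emojis_only(reason)` sanitises the ban reason only on the write path, so any reason stored before this commit is still rendered exactly as it was saved. If the template outputs the value without escaping, those rows need to be re-filtered or the template needs to escape on output. I am assuming filter_emojis_only escapes HTML, since its body is not visible here. The two identical `if len(reason) > 100:` checks also deserve a comment on the second one, for example `# re-check: the filtered reason can be longer than the raw input`, and its abort message could say that the limit applies after filtering. ban_domain starts and continues outside the hunk.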