diff --git a/files/routes/subs.py b/files/routes/subs.py index 0a233cf5b..f6c29406b 100644 --- a/files/routes/subs.py +++ b/files/routes/subs.py @@ -358,15 +358,16 @@ def post_sub_css(v, sub): sub = g.db.query(Sub).filter_by(name=sub.strip().lower()).one_or_none() css = request.values.get('css', '').strip() - if not sub: - abort(404) - if not v.mods(sub.name): - abort(403) + if not sub: abort(404) + if not v.mods(sub.name): abort(403) + + if len(css) > 6000: + error = "CSS is too long (max 6000 characters)" + return render_template('sub/settings.html', v=v, sidebar=sub.sidebar, sub=sub, error=error) valid, error = validate_css(css) if not valid: - return render_template('sub/settings.html', - v=v, sidebar=sub.sidebar, sub=sub, error=error) + return render_template('sub/settings.html', v=v, sidebar=sub.sidebar, sub=sub, error=error) sub.css = css g.db.add(sub) diff --git a/files/templates/sub/settings.html b/files/templates/sub/settings.html index f0f591cc1..5156700f1 100644 --- a/files/templates/sub/settings.html +++ b/files/templates/sub/settings.html @@ -134,7 +134,7 @@
- +
diff --git a/schema.sql b/schema.sql index e80973c58..00e7cf479 100644 --- a/schema.sql +++ b/schema.sql @@ -718,7 +718,7 @@ CREATE TABLE public.subs ( sidebar_html character varying(20000), sidebarurl character varying(60), bannerurl character varying(60), - css character varying(4000) + css character varying(6000) );