diff --git a/files/helpers/const.py b/files/helpers/const.py index ff2e0cf74..093f8b07a 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -390,6 +390,7 @@ POST_BODY_LENGTH_LIMIT = 20000 # do not make larger than 20000 without altering POST_BODY_HTML_LENGTH_LIMIT = 40000 # do not make larger than 40000 without altering the table COMMENT_BODY_LENGTH_LIMIT = 10000 # do not make larger than 10000 characters without altering the table COMMENT_BODY_HTML_LENGTH_LIMIT = 20000 # do not make larger than 20000 characters without altering the table +CSS_LENGTH_LIMIT = 10000 # do not make larger than 20000 characters without altering the table COMMENT_MAX_DEPTH = 200 TRANSFER_MESSAGE_LENGTH_LIMIT = 200 # do not make larger than 10000 characters (comment limit) without altering the table MIN_REPOST_CHECK_URL_LENGTH = 9 # also change the constant in checkRepost() of submit.js diff --git a/files/routes/settings.py b/files/routes/settings.py index 6ccf86b5c..9867a118e 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -599,7 +599,7 @@ def settings_css_get(v:User): @ratelimit_user() def settings_css(v): if v.agendaposter: abort(400, "Agendapostered users can't edit CSS!") - css = request.values.get("css", v.css).strip().replace('\\', '').strip()[:4000] + css = request.values.get("css", v.css).strip().replace('\\', '').strip()[:CSS_LENGTH_LIMIT] if '