diff options
author | Miguel Jacq <mig@mig5.net> | 2021-05-14 10:44:14 +1000 |
---|---|---|
committer | Miguel Jacq <mig@mig5.net> | 2021-05-14 10:44:14 +1000 |
commit | 00473eaef6f013ccce870335785873f89db0617d (patch) | |
tree | 3cfb5a2f498304c4712ade611d1a965bdcdfca46 /cli | |
parent | b2d57ff7874bdfa9758860909aa82cedbb1a3041 (diff) | |
download | onionshare-00473eaef6f013ccce870335785873f89db0617d.tar.gz onionshare-00473eaef6f013ccce870335785873f89db0617d.zip |
Prevent usernames in Chat mode of length 128 chars or more
Diffstat (limited to 'cli')
-rw-r--r-- | cli/onionshare_cli/resources/static/js/chat.js | 11 | ||||
-rw-r--r-- | cli/onionshare_cli/resources/templates/chat.html | 3 | ||||
-rw-r--r-- | cli/onionshare_cli/web/chat_mode.py | 33 |
3 files changed, 35 insertions, 12 deletions
diff --git a/cli/onionshare_cli/resources/static/js/chat.js b/cli/onionshare_cli/resources/static/js/chat.js index 258b020b..97b14e3e 100644 --- a/cli/onionshare_cli/resources/static/js/chat.js +++ b/cli/onionshare_cli/resources/static/js/chat.js @@ -88,7 +88,7 @@ var emitMessage = function (socket) { var updateUsername = function (socket) { var username = $('#username').val(); - if (!checkUsernameExists(username)) { + if (!checkUsernameExists(username) && !checkUsernameLength(username)) { $.ajax({ method: 'POST', url: `http://${document.domain}:${location.port}/update-session-username`, @@ -133,6 +133,15 @@ var checkUsernameExists = function (username) { return false; } +var checkUsernameLength = function (username) { + $('#username-error').text(''); + if (username.length > 128) { + $('#username-error').text('Please choose a shorter username.'); + return true; + } + return false; +} + var getScrollDiffBefore = function () { return $('#chat').scrollTop() - ($('#chat')[0].scrollHeight - $('#chat')[0].offsetHeight); } diff --git a/cli/onionshare_cli/resources/templates/chat.html b/cli/onionshare_cli/resources/templates/chat.html index 7156d58c..7f60b11d 100644 --- a/cli/onionshare_cli/resources/templates/chat.html +++ b/cli/onionshare_cli/resources/templates/chat.html @@ -23,6 +23,7 @@ <div class="chat-container no-js"> <div class="chat-users"> <div class="editable-username"> + <p>Your username:</p> <input id="username" value="{{ username }}" /> <p id="username-error"></p> </div> @@ -43,4 +44,4 @@ <script async src="{{ static_url_path }}/js/chat.js"></script> </body> -</html>
\ No newline at end of file +</html> diff --git a/cli/onionshare_cli/web/chat_mode.py b/cli/onionshare_cli/web/chat_mode.py index 8b2a5673..e9b573dd 100644 --- a/cli/onionshare_cli/web/chat_mode.py +++ b/cli/onionshare_cli/web/chat_mode.py @@ -79,20 +79,33 @@ class ChatModeWeb: if ( data.get("username", "") and data.get("username", "") not in self.connected_users + and len(data.get("username", "")) < 128 ): session["name"] = data.get("username", session.get("name")) - self.web.add_request( - request.path, - {"id": history_id, "status_code": 200}, - ) + self.web.add_request( + request.path, + {"id": history_id, "status_code": 200}, + ) - self.web.add_request(self.web.REQUEST_LOAD, request.path) - r = make_response( - jsonify( - username=session.get("name"), - success=True, + self.web.add_request(self.web.REQUEST_LOAD, request.path) + r = make_response( + jsonify( + username=session.get("name"), + success=True, + ) + ) + else: + self.web.add_request( + request.path, + {"id": history_id, "status_code": 403}, + ) + + r = make_response( + jsonify( + username=session.get("name"), + success=False, + ) ) - ) return self.web.add_security_headers(r) @self.web.socketio.on("joined", namespace="/chat") |