mirror of https://github.com/nextcloud/server
Don't allow setting password bigger than 469 characters
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
This commit is contained in:
parent
1c23c029af
commit
f99a06c89a
|
@ -107,7 +107,7 @@ class ChangePasswordController extends Controller {
|
|||
}
|
||||
|
||||
try {
|
||||
if ($newpassword === null || $user->setPassword($newpassword) === false) {
|
||||
if ($newpassword === null || strlen($newpassword) > 469 || $user->setPassword($newpassword) === false) {
|
||||
return new JSONResponse([
|
||||
'status' => 'error',
|
||||
'data' => [
|
||||
|
@ -158,6 +158,15 @@ class ChangePasswordController extends Controller {
|
|||
]);
|
||||
}
|
||||
|
||||
if (strlen($password) > 469) {
|
||||
return new JSONResponse([
|
||||
'status' => 'error',
|
||||
'data' => [
|
||||
'message' => $this->l->t('Unable to change password. Password too long.'),
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
$currentUser = $this->userSession->getUser();
|
||||
$targetUser = $this->userManager->get($username);
|
||||
if ($currentUser === null || $targetUser === null ||
|
||||
|
|
|
@ -107,6 +107,7 @@
|
|||
ref="password"
|
||||
:disabled="loading.password || loading.all"
|
||||
:minlength="minPasswordLength"
|
||||
maxlength="469"
|
||||
:placeholder="t('settings', 'Add new password')"
|
||||
autocapitalize="off"
|
||||
autocomplete="new-password"
|
||||
|
|
|
@ -46,6 +46,7 @@ if ($_['passwordChangeSupported']) {
|
|||
<div class="personal-show-container">
|
||||
<label for="pass2" class="hidden-visually"><?php p($l->t('New password'));?>: </label>
|
||||
<input type="password" id="pass2" name="newpassword"
|
||||
maxlength="469"
|
||||
placeholder="<?php p($l->t('New password')); ?>"
|
||||
data-typetoggle="#personal-show"
|
||||
autocomplete="new-password" autocapitalize="none" autocorrect="off" />
|
||||
|
|
Loading…
Reference in New Issue