aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTim-Niclas Oelschläger <72873130+zokkis@users.noreply.github.com>2024-02-25 15:31:15 +0100
committerGitHub <noreply@github.com>2024-02-25 14:31:15 +0000
commit756b952c52f1efbb137df36d5b97b370c8a45565 (patch)
tree56494f3b25b7fe8a1b319ebb563b42dd7e5d6f14
parentd2f6588b66549b33adf8bac7044d03c89d668470 (diff)
downloadgitea-756b952c52f1efbb137df36d5b97b370c8a45565.tar.gz
gitea-756b952c52f1efbb137df36d5b97b370c8a45565.zip
enforce maxlength in frontend (#29389)
Set maxlength attribute in frontend to long file-name ![image](https://github.com/go-gitea/gitea/assets/72873130/15111614-55ab-4583-acb2-15c25997601d) ![image](https://github.com/go-gitea/gitea/assets/72873130/4105ddd8-4973-4da8-b3ab-4cfae1b45554) (same for branch-name and commit-summary)
-rw-r--r--templates/repo/editor/commit_form.tmpl4
-rw-r--r--templates/repo/editor/edit.tmpl2
-rw-r--r--templates/repo/editor/patch.tmpl2
-rw-r--r--templates/repo/editor/upload.tmpl2
-rw-r--r--web_src/js/utils.js7
5 files changed, 9 insertions, 8 deletions
diff --git a/templates/repo/editor/commit_form.tmpl b/templates/repo/editor/commit_form.tmpl
index f0f0f47826..94429452dd 100644
--- a/templates/repo/editor/commit_form.tmpl
+++ b/templates/repo/editor/commit_form.tmpl
@@ -9,7 +9,7 @@
{{ctx.Locale.Tr "repo.editor.commit_changes"}}
{{- end}}</h3>
<div class="field">
- <input name="commit_summary" placeholder="{{if .PageIsDelete}}{{ctx.Locale.Tr "repo.editor.delete" .TreePath}}{{else if .PageIsUpload}}{{ctx.Locale.Tr "repo.editor.upload_files_to_dir" .TreePath}}{{else if .IsNewFile}}{{ctx.Locale.Tr "repo.editor.add_tmpl"}}{{else if .PageIsPatch}}{{ctx.Locale.Tr "repo.editor.patch"}}{{else}}{{ctx.Locale.Tr "repo.editor.update" .TreePath}}{{end}}" value="{{.commit_summary}}" autofocus>
+ <input name="commit_summary" maxlength="100" placeholder="{{if .PageIsDelete}}{{ctx.Locale.Tr "repo.editor.delete" .TreePath}}{{else if .PageIsUpload}}{{ctx.Locale.Tr "repo.editor.upload_files_to_dir" .TreePath}}{{else if .IsNewFile}}{{ctx.Locale.Tr "repo.editor.add_tmpl"}}{{else if .PageIsPatch}}{{ctx.Locale.Tr "repo.editor.patch"}}{{else}}{{ctx.Locale.Tr "repo.editor.update" .TreePath}}{{end}}" value="{{.commit_summary}}" autofocus>
</div>
<div class="field">
<textarea name="commit_message" placeholder="{{ctx.Locale.Tr "repo.editor.commit_message_desc"}}" rows="5">{{.commit_message}}</textarea>
@@ -60,7 +60,7 @@
<div class="quick-pull-branch-name {{if not (eq .commit_choice "commit-to-new-branch")}}gt-hidden{{end}}">
<div class="new-branch-name-input field {{if .Err_NewBranchName}}error{{end}}">
{{svg "octicon-git-branch"}}
- <input type="text" name="new_branch_name" value="{{.new_branch_name}}" class="input-contrast gt-mr-2 js-quick-pull-new-branch-name" placeholder="{{ctx.Locale.Tr "repo.editor.new_branch_name_desc"}}" {{if eq .commit_choice "commit-to-new-branch"}}required{{end}} title="{{ctx.Locale.Tr "repo.editor.new_branch_name"}}">
+ <input type="text" name="new_branch_name" maxlength="100" value="{{.new_branch_name}}" class="input-contrast gt-mr-2 js-quick-pull-new-branch-name" placeholder="{{ctx.Locale.Tr "repo.editor.new_branch_name_desc"}}" {{if eq .commit_choice "commit-to-new-branch"}}required{{end}} title="{{ctx.Locale.Tr "repo.editor.new_branch_name"}}">
<span class="text-muted js-quick-pull-normalization-info"></span>
</div>
</div>
diff --git a/templates/repo/editor/edit.tmpl b/templates/repo/editor/edit.tmpl
index cfc266731b..a6dce81c08 100644
--- a/templates/repo/editor/edit.tmpl
+++ b/templates/repo/editor/edit.tmpl
@@ -15,7 +15,7 @@
{{range $i, $v := .TreeNames}}
<div class="breadcrumb-divider">/</div>
{{if eq $i $l}}
- <input id="file-name" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.name_your_file"}}" data-editorconfig="{{$.EditorconfigJson}}" required autofocus>
+ <input id="file-name" maxlength="500" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.name_your_file"}}" data-editorconfig="{{$.EditorconfigJson}}" required autofocus>
<span data-tooltip-content="{{ctx.Locale.Tr "repo.editor.filename_help"}}">{{svg "octicon-info"}}</span>
{{else}}
<span class="section"><a href="{{$.BranchLink}}/{{index $.TreePaths $i | PathEscapeSegments}}">{{$v}}</a></span>
diff --git a/templates/repo/editor/patch.tmpl b/templates/repo/editor/patch.tmpl
index 44c30bd5f9..c9a78cc35f 100644
--- a/templates/repo/editor/patch.tmpl
+++ b/templates/repo/editor/patch.tmpl
@@ -15,7 +15,7 @@
<a class="section" href="{{$.BranchLink}}">{{.BranchName}}</a>
<span>{{ctx.Locale.Tr "repo.editor.or"}} <a href="{{$.BranchLink}}">{{ctx.Locale.Tr "repo.editor.cancel_lower"}}</a></span>
<input type="hidden" id="tree_path" name="tree_path" value="" required>
- <input id="file-name" type="hidden" value="diff.patch">
+ <input id="file-name" maxlength="500" type="hidden" value="diff.patch">
</div>
</div>
<div class="field">
diff --git a/templates/repo/editor/upload.tmpl b/templates/repo/editor/upload.tmpl
index d362a5602a..0a7c49dae3 100644
--- a/templates/repo/editor/upload.tmpl
+++ b/templates/repo/editor/upload.tmpl
@@ -13,7 +13,7 @@
{{range $i, $v := .TreeNames}}
<div class="breadcrumb-divider">/</div>
{{if eq $i $l}}
- <input type="text" id="file-name" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.add_subdir"}}" autofocus>
+ <input type="text" id="file-name" maxlength="500" value="{{$v}}" placeholder="{{ctx.Locale.Tr "repo.editor.add_subdir"}}" autofocus>
<span data-tooltip-content="{{ctx.Locale.Tr "repo.editor.filename_help"}}">{{svg "octicon-info"}}</span>
{{else}}
<span class="section"><a href="{{$.BranchLink}}/{{index $.TreePaths $i | PathEscapeSegments}}">{{$v}}</a></span>
diff --git a/web_src/js/utils.js b/web_src/js/utils.js
index 3a2694335f..ce0fb66343 100644
--- a/web_src/js/utils.js
+++ b/web_src/js/utils.js
@@ -2,13 +2,14 @@ import {encode, decode} from 'uint8-to-base64';
// transform /path/to/file.ext to file.ext
export function basename(path = '') {
- return path ? path.replace(/^.*\//, '') : '';
+ const lastSlashIndex = path.lastIndexOf('/');
+ return lastSlashIndex < 0 ? path : path.substring(lastSlashIndex + 1);
}
// transform /path/to/file.ext to .ext
export function extname(path = '') {
- const [_, ext] = /.+(\.[^.]+)$/.exec(path) || [];
- return ext || '';
+ const lastPointIndex = path.lastIndexOf('.');
+ return lastPointIndex < 0 ? '' : path.substring(lastPointIndex);
}
// test whether a variable is an object