Browse Source
Merge pull request #35965 from nextcloud/bugfix/noid/limit-length-when-reseting-password
Also limit the password length on resettags/v26.0.0beta1
Joas Schilling
1 year ago
2 changed files with 5 additions and 1 deletions
+ 1
- 1
core/Controller/LoginController.php
View File
| @@ -121,7 +121,7 @@ class LoginController extends Controller { | |||
| $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( | |||
| 'core.login.showLoginForm', | |||
| ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers | |||
| ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers | |||
| )); | |||
| $this->session->set('clearingExecutionContexts', '1'); | |||
+ 4
- 0
core/Controller/LostController.php
View File
| @@ -240,6 +240,10 @@ class LostController extends Controller { | |||
| $this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password)); | |||
| \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]); | |||
| if (strlen($password) > 469) { | |||
| throw new HintException('Password too long', $this->l10n->t('Password is too long. Maximum allowed length is 469 characters.')); | |||
| } | |||
| if (!$user->setPassword($password)) { | |||
| throw new Exception(); | |||
| } | |||
Loading…