diff options
| -rw-r--r-- | core/Controller/LoginController.php | 2 | ||||
| -rw-r--r-- | core/Controller/LostController.php | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 4c4a12355d2..386987842c2 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -121,7 +121,7 @@ class LoginController extends Controller { $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( 'core.login.showLoginForm', - ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers + ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers )); $this->session->set('clearingExecutionContexts', '1'); diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index fadfa242b93..e7960dbcef5 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -240,6 +240,10 @@ class LostController extends Controller { $this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password)); \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]); + if (strlen($password) > 469) { + throw new HintException('Password too long', $this->l10n->t('Password is too long. Maximum allowed length is 469 characters.')); + } + if (!$user->setPassword($password)) { throw new Exception(); } |