From 0813adb70d72516660514616604c449a50524c56 Mon Sep 17 00:00:00 2001 From: Fitti Date: Wed, 4 Aug 2021 16:32:51 +0200 Subject: [PATCH] Stream Alerts: Enforce sensible length limits on Name and Message (#285) Co-authored-by: Fitti --- lnbits/extensions/streamalerts/crud.py | 4 ++-- .../streamalerts/templates/streamalerts/display.html | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lnbits/extensions/streamalerts/crud.py b/lnbits/extensions/streamalerts/crud.py index 902b74df..1a96ee6d 100644 --- a/lnbits/extensions/streamalerts/crud.py +++ b/lnbits/extensions/streamalerts/crud.py @@ -89,8 +89,8 @@ async def post_donation(donation_id: str) -> tuple: if service.servicename == "Streamlabs": url = "https://streamlabs.com/api/v1.0/donations" data = { - "name": donation.name, - "message": donation.message, + "name": donation.name[:25], + "message": donation.message[:255], "identifier": "LNbits", "amount": donation.amount, "currency": donation.cur_code.upper(), diff --git a/lnbits/extensions/streamalerts/templates/streamalerts/display.html b/lnbits/extensions/streamalerts/templates/streamalerts/display.html index 34a2e530..2bbb83c6 100644 --- a/lnbits/extensions/streamalerts/templates/streamalerts/display.html +++ b/lnbits/extensions/streamalerts/templates/streamalerts/display.html @@ -10,6 +10,7 @@ filled dense v-model.trim="donationDialog.data.name" + maxlength="25" type="name" label="Your Name (leave blank for Anonymous donation)" > @@ -19,6 +20,7 @@ v-model.number="donationDialog.data.sats" type="number" min="1" + max="2100000000000000" suffix="sats" :rules="[val => val > 0 || 'Choose a positive number of sats!']" label="Amount of sats" @@ -27,6 +29,7 @@ filled dense v-model.trim="donationDialog.data.message" + maxlength="255" type="textarea" label="Donation Message (you can leave this blank too)" >