DarkstarProject / xiloader

Loader for FFXI to bypass POL and connect to any server
GNU General Public License v3.0

Sanitize input and enforce password restrictions #27

Open mrhappyasthma opened 4 years ago

mrhappyasthma commented 4 years ago

The current code doesn't really do any checking at all. We should enforce username and password length limits, restrict their characters (e.g. exclude spaces), and protect against malicious inputs (e.g. trying to manipulate the SQL query based on their input).

We can check some of this on this end, but we should probably add checks to the Darkstar connect server as well.
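A sketch of the client-side checks proposed above, as an added example that is not part of the original comment or of xiloader's code. The length limits, the character sets and every name in it (`Field`, `validate_credential`, `credentials_acceptable`) are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Assumed limits; the issue does not state the real ones.
constexpr std::size_t kMinLen = 3;
constexpr std::size_t kMaxLen = 16;

enum class Field { Username, Password };
enum class CredentialError { Ok, TooShort, TooLong, BadCharacter };

// Allowlist per field. Usernames: ASCII letters and digits only.
// Passwords: printable ASCII without the space (0x21..0x7E), so quotes can
// still appear here. The server must bind values as query parameters;
// this filter alone does not make string-built SQL safe.
static bool is_allowed(unsigned char c, Field f)
{
    if (f == Field::Password) return c >= 0x21 && c <= 0x7E;
    return (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z');
}

CredentialError validate_credential(const std::string& value, Field f)
{
    if (value.size() < kMinLen) return CredentialError::TooShort;
    if (value.size() > kMaxLen) return CredentialError::TooLong;
    for (unsigned char c : value)  // also rejects NUL, control and non-ASCII bytes
        if (!is_allowed(c, f)) return CredentialError::BadCharacter;
    return CredentialError::Ok;
}

// Both fields must pass before anything is sent to the connect server.
bool credentials_acceptable(const std::string& user, const std::string& pass)
{
    return validate_credential(user, Field::Username) == CredentialError::Ok &&
           validate_credential(pass, Field::Password) == CredentialError::Ok;
}

int main()
{
    // Constructed sample inputs, not taken from the project.
    const char* users[] = { "Player01", "ab", "bad name", "bob' --" };
    for (const char* u : users)
        std::cout << u << " -> "
                  << (credentials_acceptable(u, "s3cret!pw") ? "accepted" : "rejected")
                  << '\n';
    return 0;
}
```

A loader can be modified or replaced, so the same checks belong on the connect server, which is what the issue asks for.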

mrhappyasthma commented 4 years ago

Filed a related bug on the Darkstar project: https://github.com/DarkstarProject/darkstar/issues/6368