codidact / qpixel

Q&A-based community knowledge-sharing software
https://codidact.com
GNU Affero General Public License v3.0

Post edit comment length is not validated at all #1258

Closed Oaphi closed 8 months ago

Oaphi commented 9 months ago

Describe the bug

Length of edit comments (both privileged edits and suggested edits) is validated neither client-side nor server-side. As a result, editors can submit up to 65,535 (privileged edits) or 255 (suggested edits) characters.

Additionally, because there are no validations, if a user attempts to submit more characters than the limits mentioned above, they'll get a raw query error due to the DB rejecting the value for the comment column.

To Reproduce

Steps to reproduce the behavior:

  1. Log in as an unprivileged user.
  2. Make an edit suggestion to any post.
  3. Include more than 255 characters in the comment field.
  4. Observe the raw query error.

There definitely needs to be some limit (and an accompanying character counter client-side), although the exact limit is up for debate (it can be made configurable, but it still leaves us with the question of what would be the default). I propose a soft cap of 150 characters (similar to commit messages) with a somewhat higher hard cap (200 or 255).
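A server-side check of the kind the report asks for, added here as an example; it is not code from qpixel. The column sizes behind the two hard caps (a 255-character VARCHAR for suggested-edit comments, a TEXT column for privileged edits) and the `:suggested` / `:privileged` split are assumptions modelled on the numbers in the report; the default soft cap is the 150 proposed above. The example also handles the unit mismatch a practitioner would want covered: a utf8mb4 VARCHAR(n) counts characters, while MySQL's TEXT limit of 65,535 is in bytes, so a multibyte comment can pass a character count and still be rejected by the database.

```ruby
# Added example (not qpixel's own code): validate edit-comment length before
# the INSERT/UPDATE so the user gets a field error instead of a raw query error.
module EditCommentLimits
  # Hard caps mirror the assumed column types (assumption, see lead-in):
  #   suggested edits  -> VARCHAR(255): limit counted in characters
  #   privileged edits -> TEXT:         limit of 65,535 counted in bytes
  HARD = {
    suggested:  { chars: 255 },
    privileged: { bytes: 65_535 },
  }.freeze

  # Advisory cap, intended to be site-configurable; 150 is the value proposed in the issue.
  DEFAULT_SOFT = 150

  Result = Struct.new(:valid, :errors, :warnings, :chars, :bytes, keyword_init: true) do
    def valid?
      valid
    end
  end

  # Returns a Result; `errors` non-empty means the save must be refused,
  # `warnings` non-empty means the comment is over the soft cap but storable.
  def self.check(comment, kind:, soft_cap: DEFAULT_SOFT)
    comment = comment.to_s
    chars = comment.length    # code points: what a utf8mb4 VARCHAR(n) counts
    bytes = comment.bytesize  # what a TEXT column's 65,535 limit counts
    limit = HARD.fetch(kind)  # raises KeyError on an unknown edit kind

    errors = []
    if limit[:chars] && chars > limit[:chars]
      errors << "comment is too long (#{chars} characters, maximum #{limit[:chars]})"
    end
    if limit[:bytes] && bytes > limit[:bytes]
      errors << "comment is too long (#{bytes} bytes, maximum #{limit[:bytes]})"
    end

    warnings = []
    if errors.empty? && chars > soft_cap
      warnings << "comment exceeds the recommended #{soft_cap} characters"
    end

    Result.new(valid: errors.empty?, errors: errors, warnings: warnings,
               chars: chars, bytes: bytes)
  end

  # Text for a client-side counter, e.g. "160/255 (recommended: 150)".
  def self.counter_label(comment, kind:, soft_cap: DEFAULT_SOFT)
    r = check(comment, kind: kind, soft_cap: soft_cap)
    limit = HARD.fetch(kind)
    shown = limit[:chars] ? "#{r.chars}/#{limit[:chars]}" : "#{r.bytes}/#{limit[:bytes]} bytes"
    "#{shown} (recommended: #{soft_cap})"
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample comments: a short one, one over the soft cap, one over the hard cap,
  # and a multibyte one that is under 65,535 characters but over 65,535 bytes.
  {
    "Fixed typo in heading"        => :suggested,
    "x" * 200                      => :suggested,
    "x" * 300                      => :suggested,
    "\u00e9" * 40_000              => :privileged,
  }.each do |text, kind|
    r = EditCommentLimits.check(text, kind: kind)
    puts "#{kind}: #{r.chars} chars, #{r.bytes} bytes -> " \
         "#{r.valid? ? 'ok' : 'REJECT'} #{(r.errors + r.warnings).join('; ')}"
  end
end
```

`check` is the piece that belongs in the model (or a form object) so the limit is enforced regardless of which client submits the edit; `counter_label` only feeds the character counter the report asks for and must not be the sole check.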