Open merumelu opened 6 years ago
Better input validation should also be used to prevent such spam edits:
The warnings displayed show that we already have logic to catch defects, but it should be made blocking and not only a post-submission warning. Some strict rules would be useful to avoid spam (no URL in title, GitHub repository URL should be a valid repository URL, etc.)
Just had to remove 20 spams from 10 spam accounts made over the last 10 days... Still manageable manually but a waste of time, and better input validation would have prevented all of them since none had a valid repository URL.
At the moment there is no general validation for user input other than `errorResponseIfMissingOrNotString`; you can, for example, enter "11111111111111111111111" as asset version and will get a database error. Also, in most cases the current system ignores any subsequent errors and only reports the first one, which isn't optimal either.
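A sketch of the blocking validation discussed in this thread, as an added example in Python that is not the project's own code: it rejects URLs in the title, checks that the repository URL has the shape of a GitHub repository URL (syntax only, no network lookup), bounds the version number, and returns every error instead of only the first. The field names `title`, `browse_url` and `version`, and the signed 32-bit limit on the version column, are assumptions.

```python
import re
from urllib.parse import urlsplit

MAX_VERSION = 2**31 - 1  # assumption: version is stored in a signed 32-bit column
URL_IN_TEXT = re.compile(r"(?i)\b(?:https?://|www\.)\S+")
# GitHub owner: alphanumerics with single inner hyphens, at most 39 characters.
OWNER = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9]|-(?=[A-Za-z0-9])){0,38}")
REPO = re.compile(r"[A-Za-z0-9._-]{1,100}")


def is_github_repo_url(raw):
    """True only for https://github.com/<owner>/<repo> with nothing else attached."""
    try:
        url = urlsplit(raw.strip())
    except ValueError:  # e.g. malformed bracketed host
        return False
    parts = [p for p in url.path.split("/") if p]
    # Exact netloc match also rejects userinfo tricks like github.com@other.host.
    return (url.scheme == "https" and url.netloc.lower() == "github.com"
            and not url.query and not url.fragment and len(parts) == 2
            and OWNER.fullmatch(parts[0]) is not None
            and REPO.fullmatch(parts[1]) is not None
            and parts[1] not in (".", ".."))


def validate_submission(fields):
    """Return {field: message} for every failing field; an empty dict means accept."""
    errors = {}
    # Presence/type check for all fields, without stopping at the first failure.
    for name in ("title", "browse_url", "version"):
        value = fields.get(name)
        if not isinstance(value, str) or not value.strip():
            errors[name] = "missing or not a string"

    if "title" not in errors and URL_IN_TEXT.search(fields["title"]):
        errors["title"] = "must not contain a URL"

    if "browse_url" not in errors and not is_github_repo_url(fields["browse_url"]):
        errors["browse_url"] = "not a GitHub repository URL"

    if "version" not in errors:
        text = fields["version"].strip()
        # Digits and length are checked before int() so oversized input never
        # reaches the database layer.
        if not (text.isascii() and text.isdigit() and len(text) <= 10
                and int(text) <= MAX_VERSION):
            errors["version"] = "must be an integer between 0 and %d" % MAX_VERSION
    return errors
```

The caller would refuse the submission whenever the returned dict is non-empty and show all messages at once.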