Open Samk13 opened 3 days ago
Questions:
What is the acceptable max
length for comments?
Besides adding boundaries into the model here, is it needed to enforce the constraints in the schema and update the services?
Should we add wordcount -> here, would this count correctlly?
Package version (if known): v12rc2 / latest
Describe the bug
The comment feature in the Requests allows users to send comments with no limit on length, posing a security risk such as denial of service attacks or system crashes due to excessively long messages.
Steps to Reproduce
Expected behavior
The system should enforce a reasonable limit on the length of comments to prevent abuse and ensure stability.
Screenshots (if applicable)
Links:
https://github.com/fenekku/invenio-requests/blob/master/invenio_requests/customizations/event_types.py#L145
https://github.com/inveniosoftware/invenio-requests/blob/82dbf2885c8e777caa1c5163971ab5c31aca5398/invenio_requests/records/jsonschemas/requests/definitions-v1.0.0.json#L12
https://github.com/inveniosoftware/invenio-requests/blob/master/invenio_requests/services/events/service.py