search

kestra-io / kestra

:zap: Open-source workflow automation platform. Orchestrate any language using YAML, hundreds of integrations. Alternative to Airflow, n8n, RunDeck, Camunda, Jenkins...
https://kestra.io
Apache License 2.0
9.58k stars 736 forks source link

No password length constraint #3871

Closed munteanstefan closed 2 months ago

munteanstefan commented 4 months ago

Describe the issue

No password length constraint may lead blocking of the login functionality, and it cached a response: {"message":"Request Entity Too Large","_links":{"self":{"href":"/ui/admin/stats"}},"_embedded":{"errors":[{"message":"Request Entity Too Large"}]}}

Preconditions: kestra started up and at least one flow is saved in dashboard

Steps to reproduce

1 Activate basic authorization 2 insert a huge string in the email/password/confirm password field example : input a string of 2997 characters 3 Save the credentials and try to login with the correct email and password

Note that the response is cached, so opening a new tab will result in the same response, check screenshot

image

Environment

frankzengjj commented 3 months ago

hi I would like to take this issue. The PR is here.

MilosPaunovic commented 2 months ago

Closed by https://github.com/kestra-io/kestra/pull/4261. Thanks @frankzengjj for the contribution! 🚀