owenashurst / agar.io-clone

Agar.io clone written with Socket.IO and HTML5 canvas
MIT License

Crash possibility due to not validating information on server side #531

Open Funory opened 5 years ago

Funory commented 5 years ago

Is this a bug? Yes!

How to reproduce: Just open your developer console (F12 or CTRL + SHIFT + I) and remove the max-length from the name input. Now enter a 1,000,000-character-long name.

How to fix? Validate information on the server side!
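One way to do the server-side check this issue asks for, as an added example that is not part of the original post or the project's code. The limit `MAX_NICK_LENGTH`, the character policy, the function name `validateNick`, and the event name in the wiring comment are all assumptions.

```javascript
'use strict';

// Assumed limit; the client-side max-length value is not given in the issue.
const MAX_NICK_LENGTH = 25;
// Assumed policy: letters, digits, underscore and space only.
const NICK_PATTERN = /^[\p{L}\p{N}_ ]+$/u;

/**
 * Validate a player name received from an untrusted client.
 * Returns { ok: true, nick } or { ok: false, reason }.
 */
function validateNick(raw) {
  // The client controls the payload, so the value may be an object,
  // array, number or missing entirely, not just an over-long string.
  if (typeof raw !== 'string') {
    return { ok: false, reason: 'not-a-string' };
  }
  // Reject oversized input on the raw length (an O(1) property read)
  // before trim or the regex ever touch the data. The factor 2 leaves
  // room for characters that take two UTF-16 code units.
  if (raw.length > MAX_NICK_LENGTH * 2) {
    return { ok: false, reason: 'too-long' };
  }
  const nick = raw.trim();
  if (nick.length === 0) {
    return { ok: false, reason: 'empty' };
  }
  // Count code points so a character outside the BMP counts once.
  if (Array.from(nick).length > MAX_NICK_LENGTH) {
    return { ok: false, reason: 'too-long' };
  }
  if (!NICK_PATTERN.test(nick)) {
    return { ok: false, reason: 'bad-characters' };
  }
  return { ok: true, nick };
}

// Hypothetical wiring inside a Socket.IO connection handler
// (event and field names are placeholders, not the project's own):
//   socket.on('join', (data) => {
//     const result = validateNick(data && data.name);
//     if (!result.ok) { socket.disconnect(true); return; }
//     // ...continue with result.nick only
//   });
```

Socket.IO's `maxHttpBufferSize` server option caps the size of a single incoming message at the transport level and complements this per-field check.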