VillainsRule
commented
3 months ago Are there already character limits?
Open alopezlago opened 3 months ago
VillainsRule
commented
3 months ago Are there already character limits?
There are lots of Unicode characters that create strange rendering behaviors which are useful for trolls. The basic 8-bit ASCII range should be enough for most user input (usernames, room names, etc.). For answers you could allow some extended characters for answers, but that shouldn't be necessary. This filtering should be done at least on the server-side.
I haven't checked the code everywhere, but you should consider limiting the length of all user inputs, not just usernames or chat messages.