From ab3980cd38575f310730c5871f25589d060ba0b3 Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Fri, 7 Jun 2019 11:28:58 -0500 Subject: [PATCH] Enforce maximum email length --- src/invidious.cr | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/invidious.cr b/src/invidious.cr index c60e5537..1882c4ff 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -897,7 +897,8 @@ post "/login" do |env| next templated "error" end - email = env.params.body["email"]?.try &.downcase + # https://stackoverflow.com/a/574698 + email = env.params.body["email"]?.try &.downcase.byte_slice(0, 254) password = env.params.body["password"]? account_type = env.params.query["type"]?