From cf3ebab4ba3f2d04d48a1fb6d29fc561a7aff4e1 Mon Sep 17 00:00:00 2001 From: Kidsan Date: Mon, 7 Oct 2024 22:47:45 +0200 Subject: [PATCH] fix: add length limit to discord webhook icon_url --- options/locale/locale_en-US.ini | 1 + services/webhook/discord.go | 31 +++++++++++++++++++++++++------ 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index a4e653b6ba..115fe589f8 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -2358,6 +2358,7 @@ settings.slack_icon_url = Icon URL settings.slack_color = Color settings.discord_username = Username settings.discord_icon_url = Icon URL +settings.discord_icon_url.exceeds_max_length = Icon URL must be less than or equal to 2048 characters settings.event_desc = Trigger on: settings.event_push_only = Push events settings.event_send_everything = All events diff --git a/services/webhook/discord.go b/services/webhook/discord.go index af1dd79927..d2fa7c7d1f 100644 --- a/services/webhook/discord.go +++ b/services/webhook/discord.go @@ -14,6 +14,8 @@ import ( "strings" "unicode/utf8" + "gitea.com/go-chi/binding" + webhook_model "code.gitea.io/gitea/models/webhook" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/json" @@ -22,6 +24,7 @@ import ( api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" webhook_module "code.gitea.io/gitea/modules/webhook" + gitea_context "code.gitea.io/gitea/services/context" "code.gitea.io/gitea/services/forms" "code.gitea.io/gitea/services/webhook/shared" ) @@ -31,13 +34,29 @@ type discordHandler struct{} func (discordHandler) Type() webhook_module.HookType { return webhook_module.DISCORD } func (discordHandler) Icon(size int) template.HTML { return shared.ImgIcon("discord.png", size) } -func (discordHandler) UnmarshalForm(bind func(any)) forms.WebhookForm { - var form struct { - forms.WebhookCoreForm - PayloadURL string `binding:"Required;ValidUrl"` - Username string - IconURL string +type discordForm struct { + forms.WebhookCoreForm + PayloadURL string `binding:"Required;ValidUrl"` + Username string + IconURL string +} + +var _ binding.Validator = &discordForm{} + +// Validate implements binding.Validator. +func (d *discordForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := gitea_context.GetWebContext(req) + if len([]rune(d.IconURL)) > 2048 { + errs = append(errs, binding.Error{ + FieldNames: []string{"IconURL"}, + Message: ctx.Locale.TrString("repo.settings.discord_icon_url.exceeds_max_length"), + }) } + return errs +} + +func (discordHandler) UnmarshalForm(bind func(any)) forms.WebhookForm { + var form discordForm bind(&form) return forms.WebhookForm{