-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Limit for "Instructions" field in creating and editing a session not correctly treated. #12455
Comments
Hi @pabloheika, I'm inclined to leave this as is since it's very unlikely anyone will enter such long text into the input field (and as far as I'm aware, this poses no security concern). Loading times also seem fine to me, I believe under 10s. Previous data isn't overwritten as well. Perhaps an improvement to be made is to have a more descriptive error message, rather than impose an arbitrary limit on the text length of the input field. Let's see what others think. As a quick benchmark, I checked this with 500,000 words for a total of 3,385,396 bytes/characters and didn't get an error. Loading times (rough estimate) were under 5s. |
Generally speaking, we would only mark a UI issue as needing fix if it either poses a threat to system stability and/or security or inconvenience to a significant number of users.
However, we do need a hard limit on the backend. An unlimited upper bound, even without security concern, would bloat our DB storage cost (I'm not sure if there's a term for this kind of attack). The hard limit can be a sensibly large number such that anything beyond that is clearly an abuse attempt. |
What should the word limit be for it? |
@wkurniawan07, any suggestions? I would say not more than 500 words, though it might be worth taking a look at how many words are usually used for the instructions field |
Hi, I would like to work on this if there is not progress yet. |
Hi @rexong, feel free to submit a PR for this issue. As for the max number of characters/words... will leave it up to you for now, just decide on a reasonable amount (: |
* Limit word and character count in text editor * Fix snapshot testing and remove character limit * Quick fix on word limit * Fix snapshot test * Change Word Count to Character Count * Fix linting * Update Snapshot test * Change Character Count Limit * Fix select all + paste bug * Trauncate text and set cursor to end of pasted text * Fix lint --------- Co-authored-by: Dominic Lim <46486515+domlimm@users.noreply.github.com> Co-authored-by: Wei Qing <48304907+weiquu@users.noreply.github.com>
name: Bug Report
about: Reporting an error or defect in the application
Limit for "Instructions" field in creating and editing a session not correctly treated.
Development server
branch
master
on commit 101cd63Steps to reproduce
Expected behavior
It is recommended that the development team review the text entry logic of the system and implement a proper limitation to avoid possible future problems.
This limitation should simply make it impossible to make more entries as is already the case in other fields
Actual behaviour
The text field has been accepting unlimited insertion of information and this has slowed down the browser.
After sending it to the server, it takes a long time to load and then gets an error.
Additional Information
The text was updated successfully, but these errors were encountered: