Skip to content
This repository has been archived by the owner. It is now read-only.

Single quotes in username are bad #1005

Closed
magicalbob opened this issue Dec 12, 2014 · 0 comments
Closed

Single quotes in username are bad #1005

magicalbob opened this issue Dec 12, 2014 · 0 comments
Assignees
Milestone

Comments

@magicalbob
Copy link

@magicalbob magicalbob commented Dec 12, 2014

Adding a user with a single quote in username is accepted by graylog2-web-interface, but you can't log in with that user and you can't delete the user.

Add

        if (username.indexOf("'") > -1 ) {
          validationFailure( createUsernameField, "Username can't have quotes.");
          domElement.setCustomValidity('Username cannot have quotes.');
        } else {
          $.ajax({

.
.
.

          });
        }

to app/assets/javascripts/main.js stops anyone from doing something stupid like putting a single quote in a username.

I'm a newb and haven't worked out how to commit changes .......

@kroepke kroepke added this to the 0.93 milestone Jan 12, 2015
@kroepke kroepke self-assigned this Jan 20, 2015
@kroepke kroepke closed this in aba165b Jan 20, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants