Length restriction on frontend inputs #6552
Assignees
Labels
Comments
|
We have a method SetStringPropertiesMaxLength that allows us to set a limit on the length of the field in accordance with the length in the database. We can consider using it not only in the administration area but also in the public store. Then we just need to set restrictions in the table structure. |
hassanelsherbiny
added a commit
to hassanelsherbiny/nopCommerce
that referenced
this issue
Nov 11, 2023
hassanelsherbiny
added a commit
to hassanelsherbiny/nopCommerce
that referenced
this issue
Nov 14, 2023
|
After some consideration we've decided not to implement this functionality out of the box and leave it for customization because the original work item is already implemented. The issue with hashing could be reproduced there only and it's not related to other inputs (e.g. first name, etc) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
nopCommerce version: 4.60.1
All details at https://www.nopcommerce.com/en/boards/topic/96120/no-password-length-restriction-leads-to-denial-of-service
Let's investigate whether it can be used for any kind of attacks
Related work item: #6557
The text was updated successfully, but these errors were encountered: