Merge branch 'advisory-fix-1' of github.com:onionshare/onionshare-ghsa-pmjc-j5gp-7hcj into release-2.6.2

This commit is contained in:
Saptak S 2024-03-15 12:31:15 +05:30
commit 03f89bfaa7
No known key found for this signature in database
GPG Key ID: 7B7F1772C0C6FCBF
2 changed files with 6 additions and 3 deletions

View File

@ -53,7 +53,7 @@
<p><input type="file" id="file-select" name="file[]" multiple /></p>
{% endif %}
{% if not disable_text %}
<p><textarea id="text" name="text" placeholder="Write a message"></textarea></p>
<p><textarea id="text" name="text" placeholder="Write a message (max length 524288 characters)" maxlength="524288"></textarea></p>
{% endif %}
<p><button type="submit" id="send-button" class="button">Submit</button></p>
</form>

View File

@ -194,7 +194,10 @@ class ReceiveModeWeb:
if files_received > 0:
msg = f"Uploaded {files_msg}"
else:
msg = "Nothing submitted"
if not self.web.settings.get("receive", "disable_text"):
msg = "Nothing submitted or message was too long (> 524288 characters)"
else:
msg = "Nothing submitted"
if ajax:
info_flashes.append(msg)
@ -462,7 +465,7 @@ class ReceiveModeRequest(Request):
self.includes_message = False
if not self.web.settings.get("receive", "disable_text"):
text_message = self.form.get("text")
if text_message:
if text_message and len(text_message) <= 524288:
if text_message.strip() != "":
self.includes_message = True