Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-10661

Input Validation: Missing Server-Side Enforcement:

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • OMR, quay
    • False
    • Hide

      None

      Show
      None
    • False
    • User Experience
    • Quay

      Character limits are enforced client-side but are not consistently applied at the API level (server-side).

      • Risk: Allows submission of excessively large payloads, leading to UI disruption (layout/display issues) for other users and a potential resource exhaustion vector under certain conditions.
      • Action: Implement mandatory, robust server-side validation to enforce character limits for all relevant input fields, mirroring or exceeding the client-side restrictions.

        1. UI_Output.jpg
          UI_Output.jpg
          247 kB
        2. Request_with_large_payload.jpg
          Request_with_large_payload.jpg
          388 kB

              Unassigned Unassigned
              tscully@redhat.com Tony Scully
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: