godot-asset-library icon indicating copy to clipboard operation
godot-asset-library copied to clipboard

Published 20 hours ago verified publisher icon godotengine

Better input validation

Open merumelu opened this issue 7 years ago • 2 comments

At the moment there is not general validation for user input other than errorResponseIfMissingOrNotString , you can for example enter "11111111111111111111111" as asset version and will get a database error.

Also in most cases the current system ignores any subsequent errors and only reports the first one which isn't optimal either.

merumelu avatar Apr 09 '18 17:04 merumelu

Better input validation should also be used to prevent such spam edits:

  • https://godotengine.org/asset-library/asset/edit/632
  • https://godotengine.org/asset-library/asset/edit/633

The warnings displayed show that we already have logic to catch defects, but it should be made blocking and not only a post-submission warning. Some strict rules would be useful to avoid spam (no URL in title, GitHub repository URL should be a valid repository URL, etc.)

akien-mga avatar Apr 18 '18 07:04 akien-mga

Just had to remove 20 spams from 10 spam accounts made over the last 10 days... Still manageable manually but a waste of time, and better input validation would have prevented all of them since none had a valid repository URL.

akien-mga avatar May 01 '18 13:05 akien-mga