nopCommerce icon indicating copy to clipboard operation
nopCommerce copied to clipboard

Published 20 hours ago verified publisher icon nopSolutions

Length restriction on frontend inputs

Open AndreiMaz opened this issue 1 year ago • 1 comments

nopCommerce version: 4.60.1

All details at https://www.nopcommerce.com/en/boards/topic/96120/no-password-length-restriction-leads-to-denial-of-service

Let's investigate whether it can be used for any kind of attacks

Related work item: https://github.com/nopSolutions/nopCommerce/issues/6557

AndreiMaz avatar Jan 27 '23 05:01 AndreiMaz

We have a method SetStringPropertiesMaxLength that allows us to set a limit on the length of the field in accordance with the length in the database. We can consider using it not only in the administration area but also in the public store. Then we just need to set restrictions in the table structure.

skoshelev avatar Mar 15 '23 07:03 skoshelev