Update web.go #63
Update web.go #63
Conversation
made changes to truncate to 70 characters
|
Thanks for your PR! Just a couple of things: Your editor has altered the spacing of some lines, some that aren't affected by your change. Please run "go fmt" before committing code to make sure the style aligns with the rest of the project, it's always work looking at the diff before pushing it, just to make sure your editor hasn't snaked in a bad change. Also, please add some more info to the commit message, giving a description of what the change is makes bisecting and troubleshooting much easier in the future. It's also worth linking to the original issue (#60) in your PR, just so everyone knows what's going on. Finally, this kind of change needs some form of messaging on the front end explaining to the user why the password is limited to 72 bytes, it's probably worth limiting the text box field size to the limit within the backend. But don't worry if you're not comfortable altering the front end, we can do that in a different PR. Thanks again! |
|
truncatedPassword - added truncated password in the code to limit to 70 characters |
| truncatedPassword := req.Password | ||
| if len(truncatedPassword) > 70 { | ||
| truncatedPassword = truncatedPassword[:70] | ||
| } |
There was a problem hiding this comment.
This is generally the wrong way to go about this.
Rather than truncating silently, the user should get feedback that the password they entered is too long. A http.StatusBadRequest or http.StatusRequestEntityTooLarge should be returned.
|
|
made changes to truncate to 70 characters