update login scurity

This commit is contained in:
root
2026-05-08 00:17:42 -04:00
parent b01a4496e6
commit 76866ffe1e
17 changed files with 342 additions and 62 deletions
+10 -3
View File
@@ -20,15 +20,22 @@ class ProofreadController extends ResourceController
}
// Accept form-urlencoded payload to play nicely with CSRF protection
$text = (string) ($this->request->getPost('text') ?? '');
if ($text === '' || mb_strlen($text) > 20000) {
$validation = service('validation');
$payload = sanitize_request_value($this->request->getPost(['text']));
$validation->setRules([
'text' => 'required|min_length[1]|max_length[20000]',
]);
if (! $validation->run($payload)) {
return $this->respond([
'ok' => false,
'error' => 'Invalid text (empty or too long).',
'error' => 'Invalid text payload.',
'csrfHash' => csrf_hash(),
], 422);
}
$text = (string) $payload['text'];
$client = \Config\Services::curlrequest(['timeout' => 10]);
try {