diff --git a/CHANGELOG.md b/CHANGELOG.md index 8c0de0c8..6997aadc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,10 @@ remove_on_failure = 31536000 remove_on_complete = 31536000 # Time in seconds to remove failed jobs remove_on_failure = 31536000 + +[validation] +max_emoji_size = 1000000 +max_emoji_description_size = 1000 ``` ### Configuration Changes diff --git a/api/api/v1/emojis/:id/index.ts b/api/api/v1/emojis/:id/index.ts index b7a35e64..0317e708 100644 --- a/api/api/v1/emojis/:id/index.ts +++ b/api/api/v1/emojis/:id/index.ts @@ -44,9 +44,19 @@ export const schemas = { .min(1) .max(2000) .url() - .or(z.instanceof(File)), + .or( + z + .instanceof(File) + .refine( + (v) => v.size <= config.validation.max_emoji_size, + `Emoji must be less than ${config.validation.max_emoji_size} bytes`, + ), + ), category: z.string().max(64).optional(), - alt: z.string().max(1000).optional(), + alt: z + .string() + .max(config.validation.max_emoji_description_size) + .optional(), global: z .string() .transform((v) => ["true", "1", "on"].includes(v.toLowerCase())) diff --git a/api/api/v1/emojis/index.ts b/api/api/v1/emojis/index.ts index 4ca850be..8f956b4e 100644 --- a/api/api/v1/emojis/index.ts +++ b/api/api/v1/emojis/index.ts @@ -40,9 +40,19 @@ export const schemas = { .min(1) .max(2000) .url() - .or(z.instanceof(File)), + .or( + z + .instanceof(File) + .refine( + (v) => v.size <= config.validation.max_emoji_size, + `Emoji must be less than ${config.validation.max_emoji_size} bytes`, + ), + ), category: z.string().max(64).optional(), - alt: z.string().max(1000).optional(), + alt: z + .string() + .max(config.validation.max_emoji_description_size) + .optional(), global: z .string() .transform((v) => ["true", "1", "on"].includes(v.toLowerCase())) diff --git a/config/config.example.toml b/config/config.example.toml index 5009212f..c4329abe 100644 --- a/config/config.example.toml +++ b/config/config.example.toml @@ -164,6 +164,8 @@ max_header_size = 5_000_000 max_media_size = 40_000_000 max_media_attachments = 10 max_media_description_size = 1000 +max_emoji_size = 1000000 +max_emoji_description_size = 1000 max_poll_options = 20 max_poll_option_size = 500 min_poll_duration = 60 # Seconds diff --git a/config/config.schema.json b/config/config.schema.json index b1d2f2cb..f985000c 100644 --- a/config/config.schema.json +++ b/config/config.schema.json @@ -530,6 +530,14 @@ "type": "integer", "default": 1000 }, + "max_emoji_size": { + "type": "integer", + "default": 1000000 + }, + "max_emoji_description_size": { + "type": "integer", + "default": 1000 + }, "max_poll_options": { "type": "integer", "default": 20 @@ -1864,6 +1872,8 @@ "max_media_size": 40000000, "max_media_attachments": 10, "max_media_description_size": 1000, + "max_emoji_size": 1000000, + "max_emoji_description_size": 1000, "max_poll_options": 20, "max_poll_option_size": 500, "min_poll_duration": 60, diff --git a/packages/config-manager/config.type.ts b/packages/config-manager/config.type.ts index 25a40c03..92247a6b 100644 --- a/packages/config-manager/config.type.ts +++ b/packages/config-manager/config.type.ts @@ -294,6 +294,8 @@ export const configValidator = z max_media_size: z.number().int().default(40000000), max_media_attachments: z.number().int().default(10), max_media_description_size: z.number().int().default(1000), + max_emoji_size: z.number().int().default(1000000), + max_emoji_description_size: z.number().int().default(1000), max_poll_options: z.number().int().default(20), max_poll_option_size: z.number().int().default(500), min_poll_duration: z.number().int().default(60), @@ -383,6 +385,8 @@ export const configValidator = z max_media_size: 40000000, max_media_attachments: 10, max_media_description_size: 1000, + max_emoji_size: 1000000, + max_emoji_description_size: 1000, max_poll_options: 20, max_poll_option_size: 500, min_poll_duration: 60,