##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
security: limit the maximum password lenght to 72 characters to prevent possible...
ergo -
r2128:f22a9ea9 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -92,6 +92,7 b' def LoginForm():'
92 92 password = v.UnicodeString(
93 93 strip=False,
94 94 min=3,
95 max=72,
95 96 not_empty=True,
96 97 messages={
97 98 'empty': _(u'Please enter a password'),
@@ -113,21 +114,21 b' def UserForm(edit=False, available_langu'
113 114 if edit:
114 115 new_password = All(
115 116 v.ValidPassword(),
116 v.UnicodeString(strip=False, min=6, not_empty=False)
117 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
117 118 )
118 119 password_confirmation = All(
119 120 v.ValidPassword(),
120 v.UnicodeString(strip=False, min=6, not_empty=False),
121 v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
121 122 )
122 123 admin = v.StringBoolean(if_missing=False)
123 124 else:
124 125 password = All(
125 126 v.ValidPassword(),
126 v.UnicodeString(strip=False, min=6, not_empty=True)
127 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
127 128 )
128 129 password_confirmation = All(
129 130 v.ValidPassword(),
130 v.UnicodeString(strip=False, min=6, not_empty=False)
131 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
131 132 )
132 133
133 134 password_change = v.StringBoolean(if_missing=False)
@@ -209,11 +210,11 b' def RegisterForm(edit=False, old_data={}'
209 210 )
210 211 password = All(
211 212 v.ValidPassword(),
212 v.UnicodeString(strip=False, min=6, not_empty=True)
213 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
213 214 )
214 215 password_confirmation = All(
215 216 v.ValidPassword(),
216 v.UnicodeString(strip=False, min=6, not_empty=True)
217 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
217 218 )
218 219 active = v.StringBoolean(if_missing=False)
219 220 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
General Comments 0
You need to be logged in to leave comments. Login now