##// END OF EJS Templates
u » ewong » rhodecode-enterprise-ce-fork
RSS

Fork of rhodecode-enterprise-ce

security: limit the maximum password lenght to 72 characters to prevent possible...
ergo -
r2192:a51e727d stable
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -90,6 +90,7 b' def LoginForm():'
90 password = v.UnicodeString(
90 password = v.UnicodeString(
91 strip=False,
91 strip=False,
92 min=3,
92 min=3,
93 max=72,
93 not_empty=True,
94 not_empty=True,
94 messages={
95 messages={
95 'empty': _(u'Please enter a password'),
96 'empty': _(u'Please enter a password'),
@@ -111,21 +112,21 b' def UserForm(edit=False, available_langu'
111 if edit:
112 if edit:
112 new_password = All(
113 new_password = All(
113 v.ValidPassword(),
114 v.ValidPassword(),
114 v.UnicodeString(strip=False, min=6, not_empty=False)
115 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
115 )
116 )
116 password_confirmation = All(
117 password_confirmation = All(
117 v.ValidPassword(),
118 v.ValidPassword(),
118 v.UnicodeString(strip=False, min=6, not_empty=False),
119 v.UnicodeString(strip=False, min=6, max=72, not_empty=False),
119 )
120 )
120 admin = v.StringBoolean(if_missing=False)
121 admin = v.StringBoolean(if_missing=False)
121 else:
122 else:
122 password = All(
123 password = All(
123 v.ValidPassword(),
124 v.ValidPassword(),
124 v.UnicodeString(strip=False, min=6, not_empty=True)
125 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
125 )
126 )
126 password_confirmation = All(
127 password_confirmation = All(
127 v.ValidPassword(),
128 v.ValidPassword(),
128 v.UnicodeString(strip=False, min=6, not_empty=False)
129 v.UnicodeString(strip=False, min=6, max=72, not_empty=False)
129 )
130 )
130
131
131 password_change = v.StringBoolean(if_missing=False)
132 password_change = v.StringBoolean(if_missing=False)
@@ -207,11 +208,11 b' def RegisterForm(edit=False, old_data={}'
207 )
208 )
208 password = All(
209 password = All(
209 v.ValidPassword(),
210 v.ValidPassword(),
210 v.UnicodeString(strip=False, min=6, not_empty=True)
211 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
211 )
212 )
212 password_confirmation = All(
213 password_confirmation = All(
213 v.ValidPassword(),
214 v.ValidPassword(),
214 v.UnicodeString(strip=False, min=6, not_empty=True)
215 v.UnicodeString(strip=False, min=6, max=72, not_empty=True)
215 )
216 )
216 active = v.StringBoolean(if_missing=False)
217 active = v.StringBoolean(if_missing=False)
217 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
218 firstname = v.UnicodeString(strip=True, min=1, not_empty=False)
General Comments 0
You need to be logged in to leave comments. Login now