From 3a2cc571e29a7913691d669a8bec3f8da9f6f068 Mon Sep 17 00:00:00 2001 From: Kyle Drake Date: Sat, 9 Aug 2025 18:20:10 -0500 Subject: [PATCH] catch file name too long --- app/site_files.rb | 5 +++++ tests/site_file_tests.rb | 14 ++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/app/site_files.rb b/app/site_files.rb index de5922e6..02d97edf 100644 --- a/app/site_files.rb +++ b/app/site_files.rb @@ -37,6 +37,11 @@ post '/site_files/create' do redirect redirect_uri end + if SiteFile.name_too_long?(name) + flash[:error] = "File name is too long (exceeds #{SiteFile::FILE_NAME_CHARACTER_LIMIT} characters)." + redirect redirect_uri + end + extname = File.extname name unless extname.empty? || extname.match(/^\.#{Site::EDITABLE_FILE_EXT}/i) diff --git a/tests/site_file_tests.rb b/tests/site_file_tests.rb index a2218edc..d9cb23a7 100644 --- a/tests/site_file_tests.rb +++ b/tests/site_file_tests.rb @@ -36,6 +36,20 @@ describe 'site_files' do _(PurgeCacheWorker.jobs.length).must_equal 1 _(PurgeCacheWorker.jobs.first['args'].last).must_equal '/test' end + + it 'rejects filenames that exceed the character limit' do + long_filename = 'a' * (SiteFile::FILE_NAME_CHARACTER_LIMIT + 1) + '.html' + + post '/site_files/create', {filename: long_filename, csrf_token: 'abcd'}, {'rack.session' => { 'id' => @site.id, '_csrf_token' => 'abcd' }} + + _(last_response.status).must_equal 302 + _(last_response.headers['Location']).must_match /dashboard/ + + # Check for error message by following the redirect + get '/dashboard', {}, {'rack.session' => { 'id' => @site.id, '_csrf_token' => 'abcd' }} + _(last_response.body).must_match /file name is too long/i + _(last_response.body).must_match /exceeds #{SiteFile::FILE_NAME_CHARACTER_LIMIT} characters/ + end end describe 'rename' do