diff --git a/src/app/jams/api/content/[content]/judgements/[judgement]/route.ts b/src/app/jams/api/content/[content]/judgements/[judgement]/route.ts index 33d0356..2366b2d 100644 --- a/src/app/jams/api/content/[content]/judgements/[judgement]/route.ts +++ b/src/app/jams/api/content/[content]/judgements/[judgement]/route.ts @@ -116,7 +116,7 @@ export async function PATCH(request: NextRequest, {params}: {params: {content:st let newBody:Partial = {}; - if (body.content != null && typeof body.content === 'string') newBody.content = body.content; + if (body.content != null && typeof body.content === 'string' && body.content.length <= 10000) newBody.content = body.content; let res; try { diff --git a/src/app/jams/api/content/[content]/judgements/route.ts b/src/app/jams/api/content/[content]/judgements/route.ts index 7b85c75..28fbe61 100644 --- a/src/app/jams/api/content/[content]/judgements/route.ts +++ b/src/app/jams/api/content/[content]/judgements/route.ts @@ -95,7 +95,7 @@ export async function POST(request: NextRequest, {params}: {params: {content: st if (body.id != null) te.push("id"); if (body.author_id != null) te.push("author_id"); if (body.content_id != null) te.push("content_id"); - if (typeof body.content !== 'string') te.push("content"); + if (typeof body.content !== 'string' && body.description.length <= 10000) te.push("content"); if (body.published != null) te.push("published"); diff --git a/src/app/jams/api/content/[content]/route.ts b/src/app/jams/api/content/[content]/route.ts index fdcaa38..0253068 100644 --- a/src/app/jams/api/content/[content]/route.ts +++ b/src/app/jams/api/content/[content]/route.ts @@ -86,9 +86,9 @@ export async function PATCH(request: NextRequest, {params}: {params: {content:st let newBody:Partial = {}; - if (body.name != null && typeof body.name === 'string') newBody.name = body.name; - if (body.description != null && typeof body.description === 'string') newBody.description = body.description; - if (body.url != null && typeof body.url === 'string') newBody.url = body.url; + if (body.name != null && typeof body.name === 'string' && body.name.length <= 2048) newBody.name = body.name; + if (body.description != null && typeof body.description === 'string' && body.description.length <= 10000) newBody.description = body.description; + if (body.url != null && typeof body.url === 'string' && body.url.length <= 2048) newBody.url = body.url; let res; try { diff --git a/src/app/jams/api/jams/[jam]/content/route.ts b/src/app/jams/api/jams/[jam]/content/route.ts index 6ac807f..dc65f5a 100644 --- a/src/app/jams/api/jams/[jam]/content/route.ts +++ b/src/app/jams/api/jams/[jam]/content/route.ts @@ -100,9 +100,9 @@ export async function POST(request: NextRequest, {params}: {params: {jam: string if (body.id != null) te.push("id"); if (body.author_id != null) te.push("author_id"); if (body.jam_id != null) te.push("jam_id"); - if (typeof body.name !== 'string') te.push("name"); - if (typeof body.description !== 'string') te.push("description"); - if (typeof body.url !== 'string') te.push("url"); + if (typeof body.name !== 'string' && body.name.length <= 2048) te.push("name"); + if (typeof body.description !== 'string' && body.description.length <= 10000) te.push("description"); + if (typeof body.url !== 'string' && body.url.length <= 2048) te.push("url"); if (body.submitted != null) te.push("submitted"); diff --git a/src/app/jams/api/jams/[jam]/route.ts b/src/app/jams/api/jams/[jam]/route.ts index 5b4f6da..9a9213f 100644 --- a/src/app/jams/api/jams/[jam]/route.ts +++ b/src/app/jams/api/jams/[jam]/route.ts @@ -86,8 +86,8 @@ export async function PATCH(request: NextRequest, {params}: {params: {jam:string let newBody:Partial = {}; - if (body.name != null && typeof body.name === 'string') newBody.name = body.name; - if (body.description != null && typeof body.description === 'string') newBody.description = body.description; + if (body.name != null && typeof body.name === 'string' && body.name.length <= 2048) newBody.name = body.name; + if (body.description != null && typeof body.description === 'string' && body.description.length <= 10000) newBody.description = body.description; if (body.date_start != null && typeof body.date_start === 'number') newBody.date_start = body.date_start; if (body.date_end != null && typeof body.date_end === 'number') newBody.date_end = body.date_end; diff --git a/src/app/jams/api/jams/route.ts b/src/app/jams/api/jams/route.ts index 246ae9b..ddd35f7 100644 --- a/src/app/jams/api/jams/route.ts +++ b/src/app/jams/api/jams/route.ts @@ -69,8 +69,8 @@ export async function POST(request: NextRequest) { const te = []; if (body.id != null) te.push("id"); if (body.author_id != null) te.push("author_id"); - if (typeof body.name !== 'string') te.push("name"); - if (typeof body.description !== 'string') te.push("description"); + if (typeof body.name !== 'string' && body.name.length <= 2048) te.push("name"); + if (typeof body.description !== 'string' && body.description.length <= 10000) te.push("description"); if (typeof body.date_start !== 'number') te.push("date_start"); if (typeof body.date_end !== 'number') te.push("date_end"); if (body.created != null) te.push("created");