Attempt to mitigate against performance degrading attacks.
This commit is contained in:
parent
55aa98be0a
commit
600f98afcb
@ -139,11 +139,15 @@
|
|||||||
this.$content.find('div.chat-event').remove();
|
this.$content.find('div.chat-event').remove();
|
||||||
},
|
},
|
||||||
|
|
||||||
showStatusNotification: function (message, keep_old) {
|
showStatusNotification: function (message, keep_old, permanent) {
|
||||||
if (!keep_old) {
|
if (!keep_old) {
|
||||||
this.clearStatusNotification();
|
this.clearStatusNotification();
|
||||||
}
|
}
|
||||||
this.$content.append($('<div class="chat-info chat-event"></div>').text(message));
|
var $el = $('<div class="chat-info"></div>').text(message);
|
||||||
|
if (!permanent) {
|
||||||
|
$el.addClass('chat-event');
|
||||||
|
}
|
||||||
|
this.$content.append($el);
|
||||||
this.scrollDown();
|
this.scrollDown();
|
||||||
},
|
},
|
||||||
|
|
||||||
@ -292,6 +296,14 @@
|
|||||||
// are mentioned.
|
// are mentioned.
|
||||||
extra_classes += ' mentioned';
|
extra_classes += ' mentioned';
|
||||||
}
|
}
|
||||||
|
if (text.length > 8000) {
|
||||||
|
text = text.substring(0, 10) + '...';
|
||||||
|
this.showStatusNotification(
|
||||||
|
__("A very large message has been received."+
|
||||||
|
"This might be due to an attack meant to degrade the chat performance."+
|
||||||
|
"Output has been shortened."),
|
||||||
|
true, true);
|
||||||
|
}
|
||||||
return $(template(
|
return $(template(
|
||||||
_.extend(this.getExtraMessageTemplateAttributes(attrs), {
|
_.extend(this.getExtraMessageTemplateAttributes(attrs), {
|
||||||
'msgid': attrs.msgid,
|
'msgid': attrs.msgid,
|
||||||
|
Loading…
Reference in New Issue
Block a user