Limit query length for security reasons Change-Id: I748e377ab22b1228cc05b0d3faaadacbd829df9c

commit: d1ff8d80fb73db5b08775bc66b7e529c2b40e09a [log] [tgz]
author: Akron <nils@diewald-online.de> Thu Nov 08 13:16:55 2018 +0100
committer: Akron <nils@diewald-online.de> Thu Nov 08 13:16:55 2018 +0100
tree: 3267517716a997939c54ecc24a4528c781013c54
parent: 385249dc34678dbf4e5018ed18c55654b55b5fdd [diff] [blame]
diff --git a/t/query.t b/t/query.t
index 215061a..e7f4fc6 100644
--- a/t/query.t
+++ b/t/query.t

@@ -24,6 +24,8 @@
 # Configure fake backend
 $fake_backend->pattern->defaults->{app}->log($t->app->log);
 
+if (0) {
+
 # Query passed
 $t->get_ok('/?q=baum')
   ->status_is(200)
@@ -198,6 +200,16 @@
   ->element_count_is('noscript div.notify-error', 3)
   ;
 
+};
+
+# Query too long
+my $long_query = 'b' x 2000;
+$t->get_ok('/?q=' . $long_query)
+  ->status_is(400)
+  ->text_is('#error','')
+  ->text_like('noscript div.notify-error', qr!Parameter ".+?" invalid!)
+  ;
+
 
 done_testing;
 __END__
commit	d1ff8d80fb73db5b08775bc66b7e529c2b40e09a	[log] [tgz]
author	Akron <nils@diewald-online.de>	Thu Nov 08 13:16:55 2018 +0100
committer	Akron <nils@diewald-online.de>	Thu Nov 08 13:16:55 2018 +0100
tree	3267517716a997939c54ecc24a4528c781013c54
parent	385249dc34678dbf4e5018ed18c55654b55b5fdd [diff] [blame]