Increased attachment link limit from 192 to 2k

Added test to cover. Did attempt a 64k limit, but values over 2k significantly increase chance of other issues since this URL may be used in redirect headers. Would rather catch issues in-app. For #4044
2025-07-28 17:02:04 +03:00 · 2023-02-20 13:05:23 +00:00
parent 8da3e64039
commit c80396136f
6 changed files with 71 additions and 26 deletions
--- a/app/Http/Controllers/Api/AttachmentApiController.php
+++ b/app/Http/Controllers/Api/AttachmentApiController.php
@ -13,11 +13,9 @@ use Illuminate\Validation\ValidationException;

 class AttachmentApiController extends ApiController
 {
-    protected $attachmentService;
-
-    public function __construct(AttachmentService $attachmentService)
-    {
-        $this->attachmentService = $attachmentService;
+    public function __construct(
+        protected AttachmentService $attachmentService
+    ) {
    }

    /**
@ -174,13 +172,13 @@ class AttachmentApiController extends ApiController
                'name'        => ['required', 'min:1', 'max:255', 'string'],
                'uploaded_to' => ['required', 'integer', 'exists:pages,id'],
                'file'        => array_merge(['required_without:link'], $this->attachmentService->getFileValidationRules()),
-                'link'        => ['required_without:file', 'min:1', 'max:255', 'safe_url'],
+                'link'        => ['required_without:file', 'min:1', 'max:2000', 'safe_url'],
            ],
            'update' => [
                'name'        => ['min:1', 'max:255', 'string'],
                'uploaded_to' => ['integer', 'exists:pages,id'],
                'file'        => $this->attachmentService->getFileValidationRules(),
-                'link'        => ['min:1', 'max:255', 'safe_url'],
+                'link'        => ['min:1', 'max:2000', 'safe_url'],
            ],
        ];
    }
--- a/app/Http/Controllers/AttachmentController.php
+++ b/app/Http/Controllers/AttachmentController.php
@ -15,16 +15,10 @@ use Illuminate\Validation\ValidationException;

 class AttachmentController extends Controller
 {
-    protected AttachmentService $attachmentService;
-    protected PageRepo $pageRepo;
-
-    /**
-     * AttachmentController constructor.
-     */
-    public function __construct(AttachmentService $attachmentService, PageRepo $pageRepo)
-    {
-        $this->attachmentService = $attachmentService;
-        $this->pageRepo = $pageRepo;
+    public function __construct(
+        protected AttachmentService $attachmentService,
+        protected PageRepo $pageRepo
+    ) {
    }

    /**
@ -112,7 +106,7 @@ class AttachmentController extends Controller
        try {
            $this->validate($request, [
                'attachment_edit_name' => ['required', 'string', 'min:1', 'max:255'],
-                'attachment_edit_url'  => ['string', 'min:1', 'max:255', 'safe_url'],
+                'attachment_edit_url'  => ['string', 'min:1', 'max:2000', 'safe_url'],
            ]);
        } catch (ValidationException $exception) {
            return response()->view('attachments.manager-edit-form', array_merge($request->only(['attachment_edit_name', 'attachment_edit_url']), [
@ -148,7 +142,7 @@ class AttachmentController extends Controller
            $this->validate($request, [
                'attachment_link_uploaded_to' => ['required', 'integer', 'exists:pages,id'],
                'attachment_link_name'        => ['required', 'string', 'min:1', 'max:255'],
-                'attachment_link_url'         => ['required', 'string', 'min:1', 'max:255', 'safe_url'],
+                'attachment_link_url'         => ['required', 'string', 'min:1', 'max:2000', 'safe_url'],
            ]);
        } catch (ValidationException $exception) {
            return response()->view('attachments.manager-link-form', array_merge($request->only(['attachment_link_name', 'attachment_link_url']), [