From: Alexander Ebert <ebert@woltlab.com>
Date: Sun, 17 Mar 2024 16:44:33 +0000 (+0100)
Subject: Reject requests with a query shorter than 3 characters
X-Git-Tag: 6.1.0_Alpha_1~148^2~5
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e79300a4a738cb39da7bec3f0f253f969938841c;p=GitHub%2FWoltLab%2FWCF.git

Reject requests with a query shorter than 3 characters
---

diff --git a/wcfsetup/install/files/lib/system/endpoint/controller/core/messages/MentionSuggestions.class.php b/wcfsetup/install/files/lib/system/endpoint/controller/core/messages/MentionSuggestions.class.php
index 7238a04719..4312463f3d 100644
--- a/wcfsetup/install/files/lib/system/endpoint/controller/core/messages/MentionSuggestions.class.php
+++ b/wcfsetup/install/files/lib/system/endpoint/controller/core/messages/MentionSuggestions.class.php
@@ -19,6 +19,9 @@ final class MentionSuggestions implements IController
     public function __invoke(ServerRequestInterface $request, array $variables): ResponseInterface
     {
         $parameters = Helper::mapApiParameters($request, MentionSuggestionsParameters::class);
+        if (\mb_strlen($parameters->query) < 3) {
+            throw new UserInputException('query', 'tooShort');
+        }
 
         $query = \mb_strtolower($parameters->query);
         $matches = [];