sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(ai-apis): reject text inputs that are longer than 64K chars 

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
pull/56350/head
Julien Veyssier 2025-11-05 12:29:23 +07:00
parent 3d7b3add9a
commit 33d1acddc7
No known key found for this signature in database
GPG Key ID: 4141FEE162030638
4 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/Controller/TextProcessingApiController.php
Unescape Escape View File

@ -102,6 +102,9 @@ class TextProcessingApiController extends OCSController {
#[AnonRateLimit(limit: 5, period: 120)]
#[ApiRoute(verb: 'POST', url: '/schedule', root: '/textprocessing')]
public function schedule(string $input, string $type, string $appId, string $identifier = ''): DataResponse {
if (strlen($input) > 64_000) {
return new DataResponse(['message' => $this->l->t('Input text is too long')], Http::STATUS_BAD_REQUEST);
}
try {
$task = new Task($type, $input, $appId, $this->userId, $identifier);
} catch (InvalidArgumentException) {

3
core/Controller/TextToImageApiController.php
Unescape Escape View File

@ -78,6 +78,9 @@ class TextToImageApiController extends OCSController {
#[UserRateLimit(limit: 20, period: 120)]
#[ApiRoute(verb: 'POST', url: '/schedule', root: '/text2image')]
public function schedule(string $input, string $appId, string $identifier = '', int $numberOfImages = 8): DataResponse {
if (strlen($input) > 64_000) {
return new DataResponse(['message' => $this->l->t('Input text is too long')], Http::STATUS_PRECONDITION_FAILED);
}
$task = new Task($input, $appId, $numberOfImages, $this->userId, $identifier);
try {
try {

3
core/Controller/TranslationApiController.php
Unescape Escape View File

@ -67,6 +67,9 @@ class TranslationApiController extends OCSController {
#[AnonRateLimit(limit: 10, period: 120)]
#[ApiRoute(verb: 'POST', url: '/translate', root: '/translation')]
public function translate(string $text, ?string $fromLanguage, string $toLanguage): DataResponse {
if (strlen($text) > 64_000) {
return new DataResponse(['message' => $this->l10n->t('Input text is too long')], Http::STATUS_BAD_REQUEST);
}
try {
$translation = $this->translationManager->translate($text, $fromLanguage, $toLanguage);

3
lib/public/TaskProcessing/EShapeType.php
Unescape Escape View File

@ -82,6 +82,9 @@ enum EShapeType: int {
*/
public function validateInput(mixed $value): void {
$this->validateNonFileType($value);
if ($this === EShapeType::Text && is_string($value) && strlen($value) > 64_000) {
throw new ValidationException('Text is too long');
}
if ($this === EShapeType::Image && !is_numeric($value)) {
throw new ValidationException('Non-image item provided for Image slot');
}