Security concern with Free text fields not having some restrictions

[Tribunal33]

While testing I have noticed that several free text form fields do not have a any input restrictions. Even in areas where there is going to be a max 25 character limit. This can lead to problems such as this bug #11769. As well, I briefly talked about setting the number of processed citations to 100 here : #11902. But even within these processed citations are multiple text fields that have no character limits on inputs. I propose a standard solution for limiting these fields to some maximum character restrictions before the Database throws errors.

If not then it opens up attacks for malicious users as outlined here : https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html#:~:text=When%20designing%20regular%20expression%2C%20be,Allow%20List%20Regular%20Expression%20Examples

[asmecher]

See also:

• Remove arbitrary field length limitations #5266
• [Suggest Reviewers] | Throughout Submission workflow - Reasons for Suggesting Reviewer, Limit the length of characters in the field as well as limit displaying in various locations #11516
• Exception when inputting large texts into short fields #9988