api: user: limit email to 254 characters and user comment to 2048

For email the reasoning is: > In addition to restrictions on syntax, there is a length limit on > email addresses. That limit is a maximum of 64 characters (octets) > in the "local part" (before the "@") and a maximum of 255 > characters (octets) in the domain part (after the "@") for a total > length of 320 characters. However, there is a restriction in RFC > 2821 on the length of an address in MAIL and RCPT commands of 254 > characters. Since addresses that do not fit in those fields are > not normally useful, the upper limit on address lengths should > normally be considered to be 254. -- https://www.rfc-editor.org/errata_search.php?rfc=3696&eid=1690 And for user-comments, we normally show those as single line and using 2048 bytes as maximum, while also a rather arbitrary number it allows for about 2.5 times more users on a system (full name + comment can be up to 4 KiB vs 10 KiB), and we can re-raise this relatively easily again if there are somewhat reasonable complaints. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2025-10-04 08:21:57 +00:00 · 2024-02-08 17:31:04 +01:00 · 2024-02-08 17:31:04 +01:00 · 744ec31426
commit 744ec31426
parent 04712fc464
1 changed files with 2 additions and 2 deletions
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@ -35,12 +35,12 @@ register_standard_option('user-email', {
    type => 'string',
    optional => 1,
    format => 'email-opt',
-    maxLength => 4096,
+    maxLength => 254, # 256 including punctuation and separator is the max path as per RFC 5321
 });
 register_standard_option('user-comment', {
    type => 'string',
    optional => 1,
-    maxLength => 8192,
+    maxLength => 2048,
 });
 register_standard_option('user-keys', {
    description => "Keys for two factor auth (yubico).",