From 77bcf9dbe7a145c46f7bbf5e2117e9a080fb4e53 Mon Sep 17 00:00:00 2001
From: jomo <github@jomo.tv>
Date: Sun, 19 Oct 2014 23:36:58 +0200
Subject: [PATCH] prevent large images

---
 routes/avatars.js | 6 ++----
 views/index.jade  | 2 +-
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/routes/avatars.js b/routes/avatars.js
index 34b3d83..e457c83 100644
--- a/routes/avatars.js
+++ b/routes/avatars.js
@@ -9,10 +9,8 @@ var valid_uuid = /^[0-9a-f]{32}$/;
 router.get('/:uuid/:size?', function(req, res) {
   var uuid = req.param('uuid');
   var size = req.param('size') || 180;
-  // Add temporary restriction to prevent app from crashing
-  if (size <= 0) {
-    size = 180;
-  }
+  // Prevent app from crashing/freezing
+  if (size <= 0 || size > 512) size = 180;
   console.log(uuid);
   if (valid_uuid.test(uuid)) {
     var filename = uuid + ".png";
diff --git a/views/index.jade b/views/index.jade
index 58bd564..1df4f84 100644
--- a/views/index.jade
+++ b/views/index.jade
@@ -19,7 +19,7 @@ block content
 					| "&gt;
 				p(style="margin-top: 10px;") Example: UUID: '2d5aa9cdaeb049189930461fc9b91cc5', Username: Jake0oo0
 				.well &lt;img src="https://skins.jake0oo0.me/avatars/2d5aa9cdaeb049189930461fc9b91cc5"&gt;
-				p(style="margin-top: 10px;") There is also an option to include a size, default is 180x180px.
+				p(style="margin-top: 10px;") There is also an option to include a size, default is 180x180px. The size may not be larger than 512px.
 				.well
 					| &lt;img src="https://skins.jake0oo0.me/avatars/
 					mark.green uuid