1 files changed, 36 insertions, 0 deletions

diff --git a/lib/gitlab/search/abuse_validators/no_abusive_term_length_validator.rb b/lib/gitlab/search/abuse_validators/no_abusive_term_length_validator.rb
new file mode 100644
index 00000000000..8a94520d8fd
--- /dev/null
+++ b/lib/gitlab/search/abuse_validators/no_abusive_term_length_validator.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Search
+    module AbuseValidators
+      class NoAbusiveTermLengthValidator < ActiveModel::EachValidator
+        def validate_each(instance, attribute, value)
+          return unless value.is_a?(String)
+
+          if value.split.any? { |term| term_too_long?(term) }
+            instance.errors.add attribute, 'abusive term length detected'
+          end
+        end
+
+        private
+
+        def term_too_long?(term)
+          char_limit = url_detected?(term) ? maximum_for_url : maximum
+          term.length >= char_limit
+        end
+
+        def url_detected?(uri_str)
+          URI::DEFAULT_PARSER.regexp[:ABS_URI].match? uri_str
+        end
+
+        def maximum_for_url
+          options.fetch(:maximum_for_url, maximum)
+        end
+
+        def maximum
+          options.fetch(:maximum)
+        end
+      end
+    end
+  end
+end