From 53033c1041eac5f746e22313ee39846fe792f269 Mon Sep 17 00:00:00 2001
From: Dev Prashant <dev.prashant1901@gmail.com>
Date: Wed, 24 Jun 2026 12:08:31 +0530
Subject: [PATCH] fix(chat): add input length validation to prevent payload
 abuse

---
 backend/routes/chatRoutes.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/backend/routes/chatRoutes.js b/backend/routes/chatRoutes.js
index 6c98190..e13d072 100644
--- a/backend/routes/chatRoutes.js
+++ b/backend/routes/chatRoutes.js
@@ -24,6 +24,10 @@ router.post("/", async (req, res) => {
             return res.status(400).json({ error: "Message is required." });
         }
 
+        if (message.length > 1000) {
+            return res.status(400).json({ error: "Message exceeds maximum length of 1000 characters." });
+        }
+
         // Format the history for Groq
         const messages = [
             { role: "system", content: SYSTEM_PROMPT }