From 41bc6dc173370ac86071510bd9e052122af446e1 Mon Sep 17 00:00:00 2001
From: Craig D'Silva <craig.dsilva10@gmail.com>
Date: Wed, 10 Jun 2026 19:02:08 +0100
Subject: [PATCH 1/2] Add bloom length validation on the backend

---
 backend/endpoints.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/backend/endpoints.py b/backend/endpoints.py
index 0e177a07..c9d1e576 100644
--- a/backend/endpoints.py
+++ b/backend/endpoints.py
@@ -156,7 +156,10 @@ def send_bloom():
     if type_check_error is not None:
         return type_check_error
 
-    user = get_current_user()
+    if len(request.json["content"]) > 280:
+        return make_response((f"Bloom too long", 422))
+
+    user = get_current_user() 
 
     blooms.add_bloom(sender=user, content=request.json["content"])
 

From 7e699963c408b17ec3cc099d3e1fb40a9f82b0d0 Mon Sep 17 00:00:00 2001
From: Craig D'Silva <craig.dsilva10@gmail.com>
Date: Wed, 10 Jun 2026 19:02:27 +0100
Subject: [PATCH 2/2] Add HTTP status in errors.mjs

---
 front-end/components/error.mjs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/front-end/components/error.mjs b/front-end/components/error.mjs
index 3fc9eeee..80ef1946 100644
--- a/front-end/components/error.mjs
+++ b/front-end/components/error.mjs
@@ -7,6 +7,7 @@ const _STATUS_MESSAGES = {
   404: "Not Found - The requested resource does not exist.",
   405: "Not Allowed - The server knows the request method, but the target resource doesn't support this method.",
   418: "I'm a teapot - Server refuses to brew coffee with a teapot.",
+  422: "Invalid data - The request was well-formed but was unable to be followed due to semantic errors.",
   500: "Internal Server Error - Something went wrong on the server.",
 };