Improvement: Client side security hardening
This update will improve the input fields of the application and the validation of the data which is entered in those fields.
Basically the input fields now all have a "maxLength" attribute which is set through a helper and reflects the "max" value of the regarding schema entry. This will reduce the overhead if we wish to change the max value of the schema and it ensures that all input fields always use the correct values.
For example the maximum length of a hashtag is currently 25 characters. If we decide to use 30 characters we would have to check every input field regarding hashtags and update the maxLength attribute. This is now done automatically. Additionally it should not be possible to override the maxLength manually within the browser console since the helpers are reactive components of Meteor and the manual value would be automatically overriden again by the Meteor helper.
The next improvement is the validation of the data. Since the maxLength does not interfere with javascript one could simply type something like $('#xyzElement').val(veryLongString) and the value would be set to the input field regardless of the maxLength attribute. Since we cannot prohibit this behavior there is now always a validation of the value before it is send to the Meteor method. Here we use the SimpleSchema validation (just like for the MongoDB) again with our regarding schema entry. If the validation failes the data will not be send to the server at all and instead an ErrorSplashscreen is shown.