The Special:CheckUser 'Get users' block form limits the number of users which can be blocked on one submission of the form to the number in wgCheckUserMaxBlocks. Special:InvestigateBlock does not currently limit the number of users which can be blocked in one use of the form.
Special:InvestigateBlock should be limited to block no more than wgCheckUserMaxBlocks users in one use of the form to provide feature parity with the 'Get users' form. The default value of the config is 200, which means that this limit is very unlikely to be reached and therefore should not affect CUs who are using the form in a legitimate way. The risk of allowing any number of users to be blocked is that a compromised CU account could mass block thousands of accounts in one use of the form.
Acceptance criteria
- Special:InvestigateBlock does not allow more than wgCheckUserMaxBlocks (by default 200) users in the user input