There should be an upper bound on the limit param used by paging in various tools so it can't be abused.
Perhaps exemptions for nbhd admins since it could be useful when used properly.
Fix on branch db/5694
For QA, note that there were a number of __json__ changes. I had to be careful not to put any limits in the models themselves, since __json__ is used for bulk export and we don't want any limits there. But we do want some limits when going through the rest controller.
I tested this from multiple angles and could not get it to break. Nice work :)
I think 100 might make a better default max -- but 500 works too.
Log in to post a comment.