#5694 Set max limit on limit param

v1.3.2
closed
General
Heith Seewald
2015-11-16
2013-01-25
No

There should be an upper bound on the limit param used by paging in various tools so it can't be abused.

Perhaps exemptions for nbhd admins since it could be useful when used properly.

Discussion

  • Dave Brondsema

    Dave Brondsema - 2015-11-09
    • status: open --> in-progress
    • assigned_to: Dave Brondsema
     
  • Dave Brondsema

    Dave Brondsema - 2015-11-09
    • labels: stability --> stability, sf-2, sf-current
    • status: in-progress --> review
     
  • Dave Brondsema

    Dave Brondsema - 2015-11-09

    Fix on branch db/5694

    For QA, note that there were a number of __json__ changes. I had to be careful not to put any limits in the models themselves, since __json__ is used for bulk export and we don't want any limits there. But we do want some limits when going through the rest controller.

     
  • Heith Seewald

    Heith Seewald - 2015-11-09
    • Reviewer: Heith Seewald
     
  • Heith Seewald

    Heith Seewald - 2015-11-10
    • status: review --> closed
     
  • Heith Seewald

    Heith Seewald - 2015-11-10

    I tested this from multiple angles and could not get it to break. Nice work :)

    I think 100 might make a better default max -- but 500 works too.

     
  • Dave Brondsema

    Dave Brondsema - 2015-11-16
    • labels: stability, sf-2, sf-current --> stability, sf-2
     
  • Dave Brondsema

    Dave Brondsema - 2015-12-08
    • Milestone: unreleased --> v1.3.2
     

Log in to post a comment.