Web API: /known: add a length limit to the list of accepted PID
Closed, MigratedEdits Locked
Actions

Assigned To

Authored By

	zack
	Feb 11 2020, 2:52 PM

Description

The /known endpoint takes as input a list of PIDs.
To avoid abusing the DB backend (no matter how much data the web server will accept) we should put a limit on how many PIDs are accepted.
There should be a default, and it should be overridable at the webapp configuration level.

A reasonable default to begin with is probably 1'000 PIDs (one PID is 50 character long, so that's about 50 KiB + json list terminators).

(no need to check the limit in a streaming fashion, we will delegate that part to varnish: T2277)

Related Objects
Search...

		Status	Assigned	Task
		Migrated	gitlab-migration	T2276 Web API: /known: add a length limit to the list of accepted PID
		Migrated	gitlab-migration	T2277 varnish: limit maximum size of incoming POST requests for Web API

Event Timeline

zack triaged this task as High priority.Feb 11 2020, 2:52 PM

zack created this task.

zack mentioned this in T2277: varnish: limit maximum size of incoming POST requests for Web API.Feb 11 2020, 3:08 PM

zack updated the task description. (Show Details)

DanSeraf mentioned this in D2661: Web API: /known/ input size limit.Feb 12 2020, 3:18 PM

Closed by rDWAPPS792f7263ffc6dcf96067020946905e6d7b89debc

gitlab-migration closed subtask T2277: varnish: limit maximum size of incoming POST requests for Web API as Migrated.Oct 19 2022, 5:57 PM

This task has been migrated to GitLab.

Web API: /known: add a length limit to the list of accepted PIDClosed, MigratedEdits LockedActions

Description

Related ObjectsSearch...

Event Timeline

Web API: /known: add a length limit to the list of accepted PID
Closed, MigratedEdits Locked
Actions

Related Objects
Search...