<< Back to previous view |
[QB-783] Limit number of query results via RESTful API for normal users
|
|
Status: | Resolved |
Project: | QuickBuild |
Component/s: | None |
Affects Version/s: | 3.1.15 |
Fix Version/s: | 3.1.16 |
Type: | Improvement | Priority: | Major |
Reporter: | Robin Shen | Assigned To: | Robin Shen |
Resolution: | Fixed | Votes: | 1 |
Remaining Estimate: | Unknown | Time Spent: | Unknown |
Original Estimate: | Unknown |
Description |
We encountered a problem today. One of our users tried the query /rest/builds via REST API. The result is that it completely blocked the server as we have thousands of builds. We verified this in both QB 2.1 and 3.1.
First, /rest/builds shouldn't be available past certain limit. Moreover, our concern is that any of our users can actually produce a denial of service on our server by doing heavy queries. Could you please set a reasonable limit on the query above and any other that does heavy loading of data? |
Comments |
Comment by Robin Shen [ 09/Jan/11 07:45 AM ] |
Non-admin users are now only allowed to search up to 25 builds per query. Other queries will not consume too many server resources. |