RE: FW: Issue with DOS limitation in infinity.json servlet

2011-12-02 Thread Jeff Young
If a single level has enough nodes to produce a DOS attack, then it seems like you've got more worries than x/y/z.1.json. Jeff. -Original Message- From: ianbos...@gmail.com [mailto:ianbos...@gmail.com] On Behalf Of Ian Boston Sent: 02 December 2011 00:14 To: dev@sling.apache.org S

RE: FW: Issue with DOS limitation in infinity.json servlet

2011-12-02 Thread Jeff Young
tform letting them down. Jeff. -Original Message- From: justinedel...@gmail.com [mailto:justinedel...@gmail.com] On Behalf Of Justin Edelson Sent: 01 December 2011 21:50 To: dev@sling.apache.org Subject: Re: FW: Issue with DOS limitation in infinity.json servlet Hi Jeff, I'm not su

Re: FW: Issue with DOS limitation in infinity.json servlet

2011-12-01 Thread Ian Boston
On 2 December 2011 10:51, Justin Edelson wrote: > Hmmm. Good point. I changed my mind (slightly) - the behavior Jeff is > describing can be supported, but should be disabled by default. > > Ian - to your question, with the default configuration, > /x/y/z.(anything).json should not output 2M child

Re: FW: Issue with DOS limitation in infinity.json servlet

2011-12-01 Thread Justin Edelson
Hmmm. Good point. I changed my mind (slightly) - the behavior Jeff is describing can be supported, but should be disabled by default. Ian - to your question, with the default configuration, /x/y/z.(anything).json should not output 2M child nodes. IMHO, if you as a system operator decide to let cli

Re: FW: Issue with DOS limitation in infinity.json servlet

2011-12-01 Thread Ian Boston
Hi, Thinking about this some more, Assuming the content system can support this for a moment. /x/y/z has 2M direct child nodes, what does /x/y/z.-1.json respond with? 2M links to those child nodes. Does the system need to support paging, in the same way Atom does? e.g. /x/y/z.-1.json?page=1 With Sl

Re: FW: Issue with DOS limitation in infinity.json servlet

2011-12-01 Thread Justin Edelson
Hi Jeff, I'm not sure why you can't just increase the limit if you run into this problem, but I am not opposed to making this change on principle. I'm very intrigued by the idea of a PostProcessor which limits the number of nodes at a particular point in the hierarchy, but that's not going to be 1

FW: Issue with DOS limitation in infinity.json servlet

2011-12-01 Thread Jeff Young
The intent behind the limitation seems sound, but the implementation has (to my mind) a slight flaw. A legitimate client which needs the information could presumably implement its own traversal to descend the tree. But this only works if the json servlet is always allowed to return at least a