Hi, The maximum depths supported for JSON requests is configurable for the Default GET Servlet (IIRC the default is 200).
To disable the default JSON rendering for some nodes, you might want to implement a JSON servlet/script that is assigned to these types of nodes and which does "nothing" or sends back an error. For example, to prevent rendering nt:folder nodes for JSON you might register an Servlet service implementing the OptingServlet interface for the nt/folder resource type and implement the accepts method to return true or false in certain situations. In case false would be returned your servlet is ignored and the default one used. In case true is returned, your servlet would be called and you may then return whatever you like incl. an error. Regards Felix Am Montag, den 22.11.2010, 09:41 -0500 schrieb sam lee: > Is there a way to disable json servlet for some nodes? > > For example, I can think of DDoS for sling applications: > http://www.example.com/content/dam.tidy.-1.json > http://www.example.com/content/dam.tidy.-2.json > ... > http://www.example.com/content/dam.acl.-1.json > http://www.example.com/content/dam.acl.-2.json > ... > http://www.example.com/content/dam.eacl.-1.json > http://www.example.com/content/dam.eacl.-2.json > ... > in parallel.. > where /content/dam is a very deep hierarchy. > > I see live sites accepting such GET requests (for example, adobe.com). > > How do you partially disable json servlet? (be it only selected nodes accept > json request.. or maybe set a limit on json "level" selector?) > > Thanks. > Sam
