You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Yes. At present, any user who can create a date poll can clone date poll options infinitely and easily with the clone tool. However, there is no apparent limit on "Number of items to create", no rate limit on the endpoint for cloning them, and each clone is its own request (the cloning is handled client-side). This means that someone can set "Number of items to create" to, for instance, 999999999, and set step unit to "Minute", creating a huge number of database entries and weighing down the server with a vast number of requests, as each of the requests is handled separately.
Describe the solution you'd like
In my view, the best solution to this would be a combination of a limit on the number of available dates in a single date poll, combined with changing the client-side calculation of the clone to option sequence (i.e. a single request for each date being added) to a system whereby a single endpoint is called once to perform the clone, and the rest happens server-side.
Describe alternatives you've considered
One alternative is simply rate-limiting the endpoint for creating new options; however, that seems like a fairly ugly solution, and might end up being confusing for users. Further, with a single request creating multiple, you'd end up being able to set a far higher rate limit than you could with the current system, as the overhead of new requests for each and every one is huge.
The text was updated successfully, but these errors were encountered:
Agree. The current solution is a little bit convenient using moment.js. A transferral to the backend is planned, to avoid multiple request and response turnarounds.
Is your feature request related to a problem? Please describe.
Yes. At present, any user who can create a date poll can clone date poll options infinitely and easily with the clone tool. However, there is no apparent limit on "Number of items to create", no rate limit on the endpoint for cloning them, and each clone is its own request (the cloning is handled client-side). This means that someone can set "Number of items to create" to, for instance, 999999999, and set step unit to "Minute", creating a huge number of database entries and weighing down the server with a vast number of requests, as each of the requests is handled separately.
Describe the solution you'd like
In my view, the best solution to this would be a combination of a limit on the number of available dates in a single date poll, combined with changing the client-side calculation of the clone to option sequence (i.e. a single request for each date being added) to a system whereby a single endpoint is called once to perform the clone, and the rest happens server-side.
Describe alternatives you've considered
One alternative is simply rate-limiting the endpoint for creating new options; however, that seems like a fairly ugly solution, and might end up being confusing for users. Further, with a single request creating multiple, you'd end up being able to set a far higher rate limit than you could with the current system, as the overhead of new requests for each and every one is huge.
The text was updated successfully, but these errors were encountered: