On Friday 13 May 2005 20:21, Vadim Gritsenko wrote: > Niclas Hedhman wrote: > > On Friday 13 May 2005 13:27, Bertrand Delacretaz wrote: > >>Le 13 mai 05, � 07:19, Niclas Hedhman a �crit : > >>>Can you explain this a bit further? Because I have no clue what you > >>>think is the actual problem. > >> > >>I think Vadim sees a potential denial of service attack, if your system > >>allows one to generate images of a very large size. > > > > Our test shows that; > > 1. Image generation is in the sub-second range, even for really large > > images. We hit the server 100 concurrent requests of sizes from 500-1500 > > px, and couldn't register any particular load. > > I used 4096 :-) Not sure if it will accept larger image size as well.
If you tried 4200 it would OOME :o) > > 2. No matter how big sizes you generate, the bandwidth that the system > > is connected to will 'run out' way before the CPU gets bogged down. > > AFAIK, if I have a lot more bandwidth than you, I should be able to DoS > > your system. > > DoS is not necessarily overloading CPU - overloading your channel is DoS > too. If your channel has lots of bandwidth, then DDoS is the way to go :-) But if I have more bandwidth than you I can always sink your channel, right? This is not really an URL issue at all. And it is not my problem :o) The "fit with-in box" in the URL was a convenience. > On your place, I personally would not accept arbitrary image size in the > URL - even if I have it in the URL. I would limit access only to image > sizes I want to allow. This reduces chance for abuse - and increases chance > for cache hit (suppose you have zoom control with 5 poisitions and 1000 > positions: latter have higher probability of cache hit, former - higher > probability of cache miss). In reality, users will not hack URLs. Only geeks like you guys do that. ;o) People in general click on the links available. Another "hack" is that give it a different extension, and you will get a different image format back as well, which also reduces the hit rate, by the same reasoning. But I must say that things like this makes Cocoon Rock! > > Since this came up, I will introduce a "max-size" parameter, with a > > default in the 1000x1000 or so range. > OT: Why square? Aren't photos ratio 4:3 or some such? Ok, I make it 1280x1024...
