I have searched, and I cant find where "infinity" is documented on the Sling web site, any pointers ?
Ian On 21 Jan 2010, at 22:27, Ian Boston (JIRA) wrote: > > [ > https://issues.apache.org/jira/browse/SLING-1308?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12803510#action_12803510 > ] > > Ian Boston commented on SLING-1308: > ----------------------------------- > > Patch applies ok and the integration tests passes. > > However, I have reverted the changes to the Sling API to eliminate the need > to depend on a later version of the API. > Also there was a license header missing, added in. > > Other than that LGTM, > I will go and find the doc and update that as well. > >> Node.infinity.json contains risk for DOS. >> ----------------------------------------- >> >> Key: SLING-1308 >> URL: https://issues.apache.org/jira/browse/SLING-1308 >> Project: Sling >> Issue Type: Bug >> Components: Servlets >> Affects Versions: Servlets Get 2.0.8 >> Reporter: Simon Gaeremynck >> Assignee: Ian Boston >> Priority: Critical >> Attachments: jsonRenderer.diff, jsonRenderer.diff >> >> >> As it is now any user can do a node.infinity.json . >> If this happens on the root node in a repository with many items, it will >> cause the server to slow down (eventually crash?) >> I've created a patch confirming the discussion @ >> http://markmail.org/search/?q=node.infinity#query:node.infinity+page:1+mid:ugqjyqdz2trfpdkr+state:results > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. >
