django-DefectDojo icon indicating copy to clipboard operation
django-DefectDojo copied to clipboard
verified publisher icon DefectDojo

Ajax autocompletion on data filter form

Open iomarmochtar opened this issue 2 years ago • 5 comments

We integrating defectdojo with our service sast pipeline to store the findings detected on it. As time goes the defectdojo database size are increased and it's also reflecting to the slowness that occurred once visiting some pages, sometime it got connection timeout due exceed our loadbalancer setting for more than 2 minutes and surprisingly when we check on the total page it reached for more than >= 50 MB. As we are going deeper for finding the root cause we found that the generated select option HTML tag for "Finding Group" in filter form is very huge, turns out we disabling "Finding Group" in system setting then the page can be normally accessed.

before before-disable-finding-group

after after-disable-finding-group

It will be better if not storing all of the data inside filter form, instead the autocompletion by requesting the list of available data through ajax and it returning the available matched data accordingly.

Please let me know whether any alternative for this case (beside disabling the feature), or the ajax autocomplete is a good feature request to solve it.

iomarmochtar avatar Feb 06 '23 14:02 iomarmochtar

Hello.

I have done some investigation on this problem and have a question. When you state the HTML tag for the finding group filter is very large, are you referring to the number of choices listed in the dropdown? If so, I believe an appropriate change would be to change the filter type for finding groups from a ModelMultipleChoiceFilter to a CharFilter, which filters on finding group name. This field could be name contains or exact name (or both).

This would still provide search functionality by name (similar to other objects), while removing the need to render all of the possible finding group name choices.

blakeaowens avatar Feb 07 '23 09:02 blakeaowens

Yes, that one. it rendered as tag <select name="finding_group" placeholder="Finding Group" class="form-control input-sm" id="id_finding_group" multiple>.

I think from user perspective side the current implementation for using dropdown that masked using select2 is good, as if we can have autocompletion by typing some part of content that we want to find then it will show the some of the candidate. better keep it, so loading/render all of data is the only concern, and again i'm proposing the data search through the ajax, This is the sample of the implementation

iomarmochtar avatar Feb 07 '23 12:02 iomarmochtar

Hello.

Unfortunately, I do not have the knowledge to implement the functionality you are requesting. If you would like to make the change you are suggesting, I would be happy to follow along and review it! :)

For now, I am going to submit a PR removing the ModelMultipleChoiceFilter and replace it with a CharFilter (as this has already been done for numerous fields in DefectDojo, but it appears Finding Groups were missed).

blakeaowens avatar Feb 07 '23 21:02 blakeaowens

There's now the filter_string_matching system setting that will switch all ModelMultipleChoiceFilter fields to CharFilter fields.

Image

valentijnscholten avatar Oct 05 '25 08:10 valentijnscholten

Leaving this open as ajax completion on fields like this would still be nice, for example only triggered after entering at least 3 characters.

valentijnscholten avatar Oct 05 '25 08:10 valentijnscholten