django-rest-framework icon indicating copy to clipboard operation
django-rest-framework copied to clipboard
verified publisher icon encode

Add MAX_PAGE_SIZE setting

Open TheSuperiorStanislav opened this issue 2 years ago • 9 comments

Description

Add a setting for max page size for global pagination. Our team discovered that by default, page size is unlimited which could lead to API abuse and the only way to fix it -> it's to subclass pagination class(which is a working solution, but not convenient). After investigating issues I found related issue and comment.

TheSuperiorStanislav avatar Sep 14 '23 03:09 TheSuperiorStanislav

OK I saw the comment now https://github.com/encode/django-rest-framework/issues/6185#issuecomment-1352913177 it might be possible in class level but not globally at the moment.

auvipy avatar Sep 14 '23 14:09 auvipy

@auvipy I added tests for system checks, but didn't managed to find and add tests for settings with API requests like in test_pagination.py, and it's kind hard to add since pagination settings are defined as class attrs.

TheSuperiorStanislav avatar Sep 15 '23 04:09 TheSuperiorStanislav

we got a PR related to this area https://github.com/encode/django-rest-framework/pull/8993. would be helpful if you review and share your views on the PR.

auvipy avatar Oct 02 '23 12:10 auvipy

@auvipy @christophehenry @TheSuperiorStanislav If you don't mind, I can take this up and implement the changes requested

ankitchhatbar avatar Dec 22 '23 08:12 ankitchhatbar