RethinkDB should generally be able to handle documents of arbitrary nesting depth and/or size, but I wouldn't be shocked if you could somehow prepare a document that causes a stack overflow when being processed.
Additionally, very large documents could be used by an attacker for DoS attacks by causing high memory consumption on the server and/or slowing queries and other users down significantly.
I think we should implement a restriction on both aspects of any document that Horizon stores. The limits should probably be configurable for a given Horizon server instance.
I suggest default limits of:
- 16 for the maximum nesting depth
- 1 MB for the document size
Maybe there's a better way of achieving the same goal though?
I think we should consider adding this for 2.0. @Tryneus @deontologician ?
RethinkDB should generally be able to handle documents of arbitrary nesting depth and/or size, but I wouldn't be shocked if you could somehow prepare a document that causes a stack overflow when being processed.
Additionally, very large documents could be used by an attacker for DoS attacks by causing high memory consumption on the server and/or slowing queries and other users down significantly.
I think we should implement a restriction on both aspects of any document that Horizon stores. The limits should probably be configurable for a given Horizon server instance.
I suggest default limits of:
Maybe there's a better way of achieving the same goal though?
I think we should consider adding this for 2.0. @Tryneus @deontologician ?