Good job on the release!
Might be acting stupid but I put 10000 as page-size for the Block-numbers API and got a 504. Might be wise to limit page-size on the backend to 1000 or give an error straight away if over that?
My 2 cents.
Thanks for the report! Please create an issue for it on GitLab if you haven't already.
I suppose at some point we should review all the new API calls for potential attack vectors like this one, that might result in database slowdowns. But everything takes time: we just finally got around to reviewing the old API calls in hivemind for such problems as part of this release (and there we were just handling "accidental" over usage of the API calls).
Fortunately, for the most part no one bothers with such attacks intentionally, and when they do, it's something we can fix relatively fast, so there's not much chance for a serious problem.
Just did
https://gitlab.syncad.com/hive/haf/-/issues/268