Page MenuHomePhabricator

Add size limits and character normalization for the ReadingLists batch APIs
Closed, ResolvedPublic

Description

Since the ReadingLists API uses JSON parameters for batch writes, and that's not natively understood by the API framework, it does not include some things that API modules normally get for free. Specifically:

  • strings in the JSON data should be normalized the same way the API normalizes other parameters (NFC etc)
  • there should be a limit on the number of items that can be included
    • the limit should be expressed in the paraminfo API and in the maxItems field of the Swagger spec (and the Swagger spec could also include the max response size while we are there)
  • there should probably a length limit for the full JSON string, just in case

(This is a follow-up to T182052: Batch reading list operations.)

Event Timeline

Tgr created this task.Feb 12 2018, 6:32 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 12 2018, 6:32 PM
Tgr updated the task description. (Show Details)Feb 12 2018, 11:17 PM
Tgr added a comment.Feb 17 2018, 12:44 AM

the limit should be expressed in the paraminfo API

Punting on that for now. See T187603: Add JSON parameter type to the action API for a proper solution (which is a ton of work).

Change 411569 had a related patch set uploaded (by Gergő Tisza; owner: Gergő Tisza):
[mediawiki/extensions/ReadingLists@master] Improve JSON parameter validation

https://gerrit.wikimedia.org/r/411569

Change 411569 merged by jenkins-bot:
[mediawiki/extensions/ReadingLists@master] Improve JSON parameter validation

https://gerrit.wikimedia.org/r/411569

Tgr closed this task as Resolved.Feb 21 2018, 7:24 PM