fnp / wolnelektury.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prevented one form of DoS attack by limiting number of tags in query to 6.
[wolnelektury.git] / apps / catalogue / views.py
diff --git a/apps/catalogue/views.py b/apps/catalogue/views.py
index 0525374..d8a61e3 100644 (file)
--- a/apps/catalogue/views.py
+++ b/apps/catalogue/views.py
@@ -97,6 +97,10 @@ def book_list(request):
 
 
 def tagged_object_list(request, tags=''):
+    # Prevent DoS attacks on our database
+    if len(tags.split('/')) > 6:
+        raise Http404
+        
     try:
         tags = models.Tag.get_tag_list(tags)
     except models.Tag.DoesNotExist: