#33852: Ability to exclude a specific view or form from
DATA_UPLOAD_MAX_NUMBER_FIELDS
---------------------------------------+------------------------
Reporter: vskov147 | Owner: nobody
Type: New feature | Status: new
Component: Forms | Version: 4.0
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
---------------------------------------+------------------------
Use case & rationale:
We have a large, complicated CMS application. One of the advanced power
views this application has uses a form that requires an unusually large
number of fields. This particular view is only accessible by Admin users,
behind 2 separate authentication gates. So, we'd like that view to support
having this form with a large number of fields.
Having said that, given that one of the stated purposes of
DATA_UPLOAD_MAX_NUMBER_FIELDS is protection from DoS, increasing the
DATA_UPLOAD_MAX_NUMBER_FIELDS value for our entire app across the board
(or setting it to None to disable the check) seems counter-productive in
terms of security / DoS-protection.
I would really love to have a way to specify "hey, this particular view or
form is OK to use a myriad of fields" without affecting the rest of the
app. Hence the feature request!
Thank you very much for all the wonderful work y'all do with the Django
framework.
--
Ticket URL: <https://code.djangoproject.com/ticket/33852>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/0107018209e51112-0c7a6b34-9d8a-4418-9e1d-81efaf31a119-000000%40eu-central-1.amazonses.com.
