Prevent DDoS attacks by limiting the size of the graph

coq-tactician · Oct 30, 2023 · ea1c531 · ea1c531
1 parent ad011ec
commit ea1c531
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/pytact/graph_visualize_browse.py b/pytact/graph_visualize_browse.py
@@ -48,6 +48,7 @@ class Settings:
     max_size: int = 100
 
     def __post_init__(self):
+        self.max_size = min(10000, self.max_size) # Prevent DDoS attacks by limiting the size of the graph
         if not self.no_defaults:
             self.ignore_edges = [graph_api_capnp.EdgeClassification.schema.enumerants['constOpaqueDef']]
             label = graph_api_capnp.Graph.Node.Label

diff --git a/pytact/templates/visualizer.html b/pytact/templates/visualizer.html
@@ -180,7 +180,7 @@
                     <div class="field">
                         <div class="ui grid">
                             <div class="five wide column">
-                                <input type="number" id="max_size" name="max_size" min="1"
+                                <input type="number" id="max_size" name="max_size" min="1" max="10000"
                                        style="width:5.5rem" value="{{ settings.max_size }}">
                             </div>
                             <div class="eleven wide column middle aligned">