Skip to content

Fix issue #187 #327

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 1, 2017
Merged

Fix issue #187 #327

merged 1 commit into from
Sep 1, 2017

Conversation

elfman
Copy link
Contributor

@elfman elfman commented Aug 26, 2017

No description provided.

birdofpreyru
birdofpreyru requested changes Aug 29, 2017
View reviewed changes
src/shared/components/challenge-listing/Filters/FiltersPanel/index.jsx Outdated
if (filterState.tags) {
filterStateTags = Array.isArray(filterState.tags) ? filterState.tags.join(',') :
Object.keys(filterState.tags).map(key => filterState.tags[key]).join(',');
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. For such checks we prefer to use lodash functions.
  2. Is really possible that we can get either array either object here? It looks strange.

src/shared/utils/challenge-listing/filter.js Outdated
const filterSubtracks = state.subtracks.map(item =>
const subtracks = Array.isArray(state.subtracks) ? state.subtracks :
Object.keys(state.subtracks).map(key => state.subtracks[key]);
const filterSubtracks = subtracks.map(item =>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Especially here. It is just documented in the module's head comment that tags and subtracks must be arrays. So if it gets called with object, it is an error to be fixed somewhere else.

@elfman
Copy link
Contributor Author

elfman commented Aug 30, 2017

@birdofpreyru I found another way to solve this bug, please check again

@elfman elfman force-pushed the issue187 branch 2 times, most recently from 89bded2 to d733a6e Compare August 30, 2017 13:07
birdofpreyru
birdofpreyru reviewed Aug 30, 2017
View reviewed changes
src/server/server.js Outdated
@@ -34,6 +35,8 @@ const app = express();
* fix. */
global.atob = atob;

app.set('query parser', str => qs.parse(str, { arrayLimit: 1000 }));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@elfman It looks like you found the correct reason behind the issue, but I don't like this way solving it. The reason qs limits possible array lengths and turns array elements with indices larger than 20 into objects is the following: say you set limit 1000, then it is legit to send query param x[999]=... and the backend will have to create an array with 1000 elements for this param. I guess, it opens a very easy way to spam the server, if somebody wants to: you just send in a query like x[999]=a&y[999]=b&... and server will have lots of fun creating a big array for each of params.
So, I guess, we better just account in the reducer that long arrays are actually parsed as objects.

@elfman
Copy link
Contributor Author

elfman commented Aug 30, 2017
edited
Loading

@birdofpreyru Updated

@elfman elfman force-pushed the issue187 branch 3 times, most recently from 29452b8 to ea65797 Compare August 31, 2017 06:11
@birdofpreyru birdofpreyru merged commit c3afa36 into topcoder-platform:develop Sep 1, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@birdofpreyru birdofpreyru birdofpreyru requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elfman @birdofpreyru