summaryrefslogtreecommitdiff
path: root/modules/rss/controllers
diff options
context:
space:
mode:
authorBharat Mediratta <bharat@menalto.com>2009-09-01 20:13:23 -0700
committerBharat Mediratta <bharat@menalto.com>2009-09-01 20:13:23 -0700
commit03c5c117759aca8a3d898c6c4f03da6ddf67e81d (patch)
tree04df721065e21eecd8085994593713d7f369583d /modules/rss/controllers
parent295fc0c14ce938e02bf17c350a50d36b73802ad0 (diff)
Allow the RSS feed page size to be customizeable, up to 100 items (to
mitigate DoS attacks). Have PicLens request a 100-item page to mitigate the bug where it refuses to load the 2nd page. Mitigates #23.
Diffstat (limited to 'modules/rss/controllers')
-rw-r--r--modules/rss/controllers/rss.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/modules/rss/controllers/rss.php b/modules/rss/controllers/rss.php
index e9dd9fff..b89bed40 100644
--- a/modules/rss/controllers/rss.php
+++ b/modules/rss/controllers/rss.php
@@ -26,13 +26,16 @@ class Rss_Controller extends Controller {
url::redirect(url::merge(array("page" => 1)));
}
+ // Configurable page size between 1 and 100, default 20
+ $page_size = max(1, min(100, $this->input->get("page_size", self::$page_size)));
+
// Run the appropriate feed callback
if (module::is_active($module_id)) {
$class_name = "{$module_id}_rss";
if (method_exists($class_name, "feed")) {
$feed = call_user_func(
array($class_name, "feed"), $feed_id,
- ($page - 1) * self::$page_size, self::$page_size, $id);
+ ($page - 1) * $page_size, $page_size, $id);
}
}
if (empty($feed)) {
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 07:07:40 +0000