You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by be...@apache.org on 2023/08/11 15:21:44 UTC
[superset] 01/04: chore: rate limit requests
This is an automated email from the ASF dual-hosted git repository.
beto pushed a commit to branch fix_dos
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 50dabf39941402a72cae7c50a15ab4b4eaee4433
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Thu Jun 1 15:57:36 2023 -0700
chore: rate limit requests
---
superset/config.py | 6 ++++++
superset/models/dashboard.py | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/superset/config.py b/superset/config.py
index 75fda6eb37..d430273008 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -266,6 +266,12 @@ PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 1, "x_prefi
# Configuration for scheduling queries from SQL Lab.
SCHEDULED_QUERIES: dict[str, Any] = {}
+# Rate limiting
+RATELIMIT_ENABLED = True
+AUTH_RATE_LIMITED = True
+AUTH_RATE_LIMIT = "2 per 5 second"
+RATELIMIT_APPLICATION = "50 per second"
+
# ------------------------------
# GLOBALS FOR APP Builder
# ------------------------------
diff --git a/superset/models/dashboard.py b/superset/models/dashboard.py
index 719a6df8e4..5159fa873b 100644
--- a/superset/models/dashboard.py
+++ b/superset/models/dashboard.py
@@ -377,7 +377,7 @@ class Dashboard(Model, AuditMixinNullable, ImportExportMixin):
) -> str:
copied_dashboards = []
datasource_ids = set()
- for dashboard_id in dashboard_ids:
+ for dashboard_id in set(dashboard_ids):
# make sure that dashboard_id is an integer
dashboard_id = int(dashboard_id)
dashboard = (