You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by be...@apache.org on 2023/08/10 01:04:41 UTC
[superset] 01/03: chore: rate limit requests
This is an automated email from the ASF dual-hosted git repository.
beto pushed a commit to branch fix_dos
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 51e7e1bdc9fb058cca854b9774a9529ae7f350c8
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Thu Jun 1 15:57:36 2023 -0700
chore: rate limit requests
---
superset/config.py | 6 ++++++
superset/models/dashboard.py | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/superset/config.py b/superset/config.py
index 75fda6eb37..d430273008 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -266,6 +266,12 @@ PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 1, "x_prefi
# Configuration for scheduling queries from SQL Lab.
SCHEDULED_QUERIES: dict[str, Any] = {}
+# Rate limiting
+RATELIMIT_ENABLED = True
+AUTH_RATE_LIMITED = True
+AUTH_RATE_LIMIT = "2 per 5 second"
+RATELIMIT_APPLICATION = "50 per second"
+
# ------------------------------
# GLOBALS FOR APP Builder
# ------------------------------
diff --git a/superset/models/dashboard.py b/superset/models/dashboard.py
index 0fecf15a55..18aab8f9e6 100644
--- a/superset/models/dashboard.py
+++ b/superset/models/dashboard.py
@@ -377,7 +377,7 @@ class Dashboard(Model, AuditMixinNullable, ImportExportMixin):
) -> str:
copied_dashboards = []
datasource_ids = set()
- for dashboard_id in dashboard_ids:
+ for dashboard_id in set(dashboard_ids):
# make sure that dashboard_id is an integer
dashboard_id = int(dashboard_id)
dashboard = (