View Issue Details

IDProjectCategoryView StatusLast Update
0025492mantisbtprintingpublic2019-02-19 15:56
ReporterChrisG Assigned To 
PrioritynormalSeverityfeatureReproducibilityalways
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0025492: Printing (print_all_bug_page) is a perf/security risk
Description

Live profiling of our server showed that 20,182 queries may be executed by the trivially achieved operation of printing out from "view all issues" when there's no filter. This was an intensive 40 second web request.

There needs to be some kind of control of this. I'd suggest implementing a maximum printable issues feature, that is controlled by access level. If set to zero for an access level then there would be no print button at all. The default config would set it 0 for guests to stop spiders hitting it.

TagsNo tags attached.

Relationships

related to 0022224 new Access Restrictions to "Print Reports", "CSV Export", "Excel Export" in view all bugs page 

Activities

ChrisG

ChrisG

2019-02-19 15:21

reporter   ~0061522

This is related to 0004798.

Issue History

Date Modified Username Field Change
2019-02-19 15:19 ChrisG New Issue
2019-02-19 15:21 ChrisG Note Added: 0061522
2019-02-19 15:42 atrol Relationship added related to 0022224
2019-02-19 15:56 atrol Priority high => normal
2019-02-19 15:56 atrol Severity major => feature