You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to have a plan_filter.transaction_cost_limit setting, with a behavior similar to plan_filter.statement_cost_limit but this would limit the sum of the statements costs in a transaction, this is useful as a security measure for webapps that expose endpoints that enable batch operations in a single transaction.
My idea is to limit misbehaving clients that could specify a large number of queries through the batch interface and reject their requests mapping the plan cost limit exceeded error to a HTTP 429 Too Many Requests status code; there are mechanisms at the application level to defend against this kind of misbehavior but I think it would be simpler/cleaner to enforce it at the database level.
Any thoughts about this? If it seems like a reasonable feature, I could work on a PR.
The text was updated successfully, but these errors were encountered:
I would like to have a
plan_filter.transaction_cost_limitsetting, with a behavior similar toplan_filter.statement_cost_limitbut this would limit the sum of the statements costs in a transaction, this is useful as a security measure for webapps that expose endpoints that enable batch operations in a single transaction.My idea is to limit misbehaving clients that could specify a large number of queries through the batch interface and reject their requests mapping the
plan cost limit exceedederror to aHTTP 429 Too Many Requestsstatus code; there are mechanisms at the application level to defend against this kind of misbehavior but I think it would be simpler/cleaner to enforce it at the database level.Any thoughts about this? If it seems like a reasonable feature, I could work on a PR.
The text was updated successfully, but these errors were encountered: