[Phpmyadmin-devel] Limits imposed by Suhosin
Madhura Jayaratne
madhura.cj at gmail.com
Sun Aug 7 13:36:34 CEST 2011
On Sun, Aug 7, 2011 at 4:36 PM, Marc Delisle <marc at infomarc.info> wrote:
> Le 2011-08-06 07:59, Madhura Jayaratne a écrit :
> > Hi all,
> >
> > While attending to a bug [1], I came across the following.
> > Suhosin imposes a limit of 512 on the length of the variable that can be
> > passed via a GET [2]. This is often problematic as in PMA we encounter
> long
> > parameters (long sql queries, where clauses when no unique key is there
> > etc). Due to the same problem [3] $cfg['LinkLengthLimit'] configuration
> was
> > lowered to more stricter 1000 from 2000, which is more acceptable.
> >
> > In this particular bug the problem is that, though the URL length is
> under
> > 1000, one parameter, 'sql_query', violates the Suhosin limit. What
> > should be our stand on this. Should we adhere to Suhosin default values?
> >
> > In 3.5 we have a possible solution for this [4] and we can still lower
> > $cfg['LinkLengthLimit'] value without losing the look and feel. However
> this
> > needs to have JS enabled and I'm not sure whether we want to impose that
> > condition for the 3.4 series.
>
> Madhura,
> see Documentation.html, FAQ 1.38. You might want to add a suggestion
> there about suhosin.get.max_value_length.
>
> As you can deduce from this FAQ entry, it was not our intention to adapt
> to Suhosin's limits.
>
>
Hi Marc,
Thank you for the lead given to find what exactly the bug was when I was
clueless about it. My apologies for missing it in the initial mail.
Yes, I will add a comment to the FAQ and mark the bug as wont fix.
--
Thanks and Regards,
Madhura Jayaratne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20110807/0a5fe7a9/attachment.html>
More information about the Developers
mailing list