[views/primary] some inner sections should use the `limit` by default to avoid a denial of service (closes #2719110)
Today, it is possible to call .related and get a huge unlimited
database-dos-inducing resultset that will be nevertheless limited a
bit further in pure python in the `autolimited` view.
While we cannot completely avoid potential denials of service such as
these, we mitigate the problem with the default ui settings: if the
inner vid is `autolimited`, then the relation result set is computed
using the user-defined limit.
This change respects the semantics of the `autolimited` view and
shouldn't break anything.
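
The difference described in the commit message above, as an added example that is not part of the original commit or the project's code: the same relation listing with the limit applied in Python after an unbounded query, and with the limit pushed into the query. The table, function names, `USER_LIMIT` and the `HARD_CAP` clamp are assumptions made for illustration, and the data is constructed.

```python
import sqlite3

USER_LIMIT = 8    # assumed stand-in for the user-defined limit from the UI settings
HARD_CAP = 100    # assumed server-side ceiling; not something the commit describes


def clamp_limit(value, default=USER_LIMIT, cap=HARD_CAP):
    """Turn a user-supplied limit into a bounded positive integer."""
    try:
        n = int(value)
    except (TypeError, ValueError):
        return default
    return max(1, min(n, cap))


def build_db(n_related=5000):
    """Constructed sample data: entity 1 has n_related related entities."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE related (subject INTEGER, object INTEGER)")
    db.executemany("INSERT INTO related VALUES (1, ?)",
                   ((i,) for i in range(n_related)))
    return db


def related_unbounded(db, eid, limit):
    """Before: no LIMIT in the query, rows are trimmed in Python afterwards."""
    rows = db.execute("SELECT object FROM related WHERE subject = ? "
                      "ORDER BY object", (eid,)).fetchall()
    return rows[:limit], len(rows)          # (rows shown, rows fetched)


def related_limited(db, eid, limit):
    """After: the limit is part of the query; one extra row flags 'more'."""
    limit = clamp_limit(limit)
    rows = db.execute("SELECT object FROM related WHERE subject = ? "
                      "ORDER BY object LIMIT ?", (eid, limit + 1)).fetchall()
    return rows[:limit], len(rows), len(rows) > limit


if __name__ == "__main__":
    db = build_db()
    shown, fetched = related_unbounded(db, 1, USER_LIMIT)
    print("unbounded:", len(shown), "shown,", fetched, "fetched")
    shown, fetched, more = related_limited(db, 1, USER_LIMIT)
    print("limited:  ", len(shown), "shown,", fetched, "fetched, more =", more)
```

Both functions display the same rows; only the number of rows the database has to produce and transfer changes.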
Javascript Coding Standards
---------------------------
(Draft, to be continued)
:Naming: camelCase, except for CONSTANTS
Indentation rules
~~~~~~~~~~~~~~~~~
- space before opening brace
- newline after opening brace (possibly no
newline if everything fits on the same line, but that is not
the case here)
- no tabs
Documentation
~~~~~~~~~~~~~
XXX explain comment format for documentation generation
Coding
~~~~~~
- Don't forget 'var' before variable definition, and semi-colon (';') after **each** statement.
- Check the Firebug console for deprecation warnings
API usage
~~~~~~~~~
- unless intended, use jQuery('container') rather than jqNode('container')
See also
~~~~~~~~
http://google-styleguide.googlecode.com/svn/trunk/javascriptguide.xml