-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Database soft limits #8143
Comments
Assigned to |
We would like to change the following database soft limits (== input validation).
I will move this issue into the |
closes TryGhost/Ghost#8143 - uses new soft limits in validation: - post title to 255 - meta title to 300 - meta description to 500 - updates test
closes TryGhost/Ghost#8143 - uses new soft limits in validation: - post title to 255 - meta title to 300 - meta description to 500 - updates test
closes TryGhost/Ghost#8143 - uses new soft limits in validation: - post title to 255 - meta title (post and tag) to 300 - meta description (post and tag) to 500 - updates test
closes TryGhost/Ghost#8143 - uses new soft limits in validation: - post title to 255 - meta title (post and tag) to 300 - meta description (post and tag) to 500
This was not added on the server side. We should figure out first how complex it is to add the soft limits on the server side now. e.g. other external clients might not have the same soft limits we have added on the Ghost admin (mobile apps) or imports from LTS to 1.0. |
We had a call today, @AileenCGN will post the result from it tomorrow morning. |
In the call yesterday, @kirrg001 and I came to following conclusion: We have two options:
We decided to go with option 1, because there only very few fields that are affected, and the chances, that someone would have an entry in the db, which exceeds these soft limits, are pretty low, especially for LTS imports, some limits were lower and Ghost only worked with Ghost Admin client. Soft limits for server sideThese are the affected db tables and fields, where we're going to set a soft limit, using the
It's going to be more tricky to set a soft limit for the Add/increase soft limits on client side
Tasks
Additional tasks
1 I tested the following scenario with
|
@kirrg001 Can you please let me know, if I got everything right? If not, just change it in my comment |
I tested with MySQL and sqlite, if values get cut of by the db if they exceed the hard limit and the result is that they don't. This means, there's no need to use set soft limits for the remaining db fields. |
@kirrg001 I also stumbled over another problem: The I suggest, that we cut the rendered slug to a maximum of 191 chars, so we never return a slug that would fail the validation and therefore prevent the saving process. I added this to the task-list in my comment above. |
refs TryGhost/Ghost#8143 Increases existing input validation lenght (soft limits) of the following fields: - `tags.name`: 191 chars - `tags.slug`: 191 chars - `users.name`: 191 chars
To extend that a bit. If you did an import without having the server-side soft limit validator in place for e.g. the meta fields, you might already hit the client validation as soon as you start editing an affected post.
It's always possible to use the Ghost API directly without any client, but we should not care about this case too much. Only common external clients are important e.g. the native android Ghost app.
Yeah we have a
I think it's necessary, but this is how the soft limit validation message looks like:
If a generated slug is too long, it would hit the hard limit validation by default. But e.g. a post title can be up to 255 characters, whereas the post slug can be up to 191 only, this is definitely an additional task, because this is out of the control of the user - you won't be able to create a post. If you are doing an LTS migration to 1.x and some of your fields hit a server-side soft limit, should we auto-fix or let the user fix it manually? |
This is a very good point. I am not sure, which way to go here. If we auto-fix those cases, the user loses data. But it's also very unlikely (IMO) that those limits are hit, but it's still possible. On the other hand, if we don't auto-fix them, the migration would fail and the user has to find the affected part and fix it himself. 🤔
Can certainly optimize the error message to make it more user friendly.
So, we go for option 1 now? |
👍
Will confirm this approach with @ErisDS - we have a call in an hour anyway. As well as the import auto-fix concern. Will come back here soon. |
Option 1 confirmed. No auto-fix for migrations. |
@kirrg001 I updated the bis comment above reflecting those changes. |
refs TryGhost#8143 Sets soft limits for certain db fields: - `posts`: - `title`: 255 chars (current hard limit: 2,000 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars) - `users`: - `bio`: 200 chars (current hard limit: 65,535 chars) - `location`: 150 chars (current hard limit: 65,535 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `tags`: - `description`: 500 chars (current hard limit: 65,535 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars)
@cobbspur This is an example error message, that Ghost will return. Imports and migrations can then fail when they exceeded the soft limits of the above mentioned fields. |
refs #8143 Sets soft limits for certain db fields: - `posts`: - `title`: 255 chars (current hard limit: 2,000 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars) - `users`: - `bio`: 200 chars (current hard limit: 65,535 chars) - `location`: 150 chars (current hard limit: 65,535 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `tags`: - `description`: 500 chars (current hard limit: 65,535 chars) - `meta_title`: 300 chars (current hard limit: 2,000 chars) - `meta_description`: 500 chars (current hard limit: 2,000 chars) - same error message for isLength validator as for hard limits (more improvements are comming with #6050) - added more tests for importer - added dynamic translation key handling for validators errors (isLength is only supported atm)
refs TryGhost/Ghost#8143 Increases existing input validation length (soft limits) of the following fields: - `tags.name`: 191 chars - `tags.slug`: 191 chars - `users.name`: 191 chars
refs TryGhost#8143 Add max length validations to settings: - `blog.title`: 150 chars - `blog.description`: 200 chars The `validateSettings` fn in our validations checks for existing `validations` properties in our `default-settings.json` file, similar to other tables in our `schema.js`.
refs TryGhost/Ghost#8143 Added more client side validations for input fields: - Blog title in setup flow (150 chars) - User email (191 chars) - Subscribers email (191 chars)
…mail fields (#909) refs TryGhost/Ghost#8143 Added more client side validations for input fields: - Blog title in setup flow (150 chars) - User email (191 chars) - Subscribers email (191 chars)
refs #8143 Add max length validations to settings: - `blog.title`: 150 chars - `blog.description`: 200 chars The `validateSettings` fn in our validations checks for existing `validations` properties in our `default-settings.json` file, similar to other tables in our `schema.js`.
If #9251 gets merged as is, we won't need to add the two last missing client side validations for The generated slug will always be max 185 chars plus possible counter, and updating a slug goes through the same bit of logic, where we first cut the slug and then check for duplicates. |
closes TryGhost#8143 Fixed a potential issue (edge-case), where our generated and validated (in terms of check for existance and add a counter) would return a slug, that will exceed the maximum length of the slug fields (191 chars). This is mostly possible for the post title, which can be 255 chars long and would generate a slug with the same length. This would prevent the user from actually saving a post. I tried first to determine the expected length for a slug that already exists, but decided that the **easier** and simplyfied implementation is to always cut a slug to **185 chars** (+ counter). This makes it easier to find duplicates and includes a possible high number of counts (edge-edge-case). The slug will not be cut down to 185 chars if it's an import.
closes #8143 Fixed a potential issue (edge-case), where our generated and validated (in terms of check for existance and add a counter) would return a slug, that will exceed the maximum length of the slug fields (191 chars). This is mostly possible for the post title, which can be 255 chars long and would generate a slug with the same length. This would prevent the user from actually saving a post. I tried first to determine the expected length for a slug that already exists, but decided that the **easier** and simplyfied implementation is to always cut a slug to **185 chars** (+ counter). This makes it easier to find duplicates and includes a possible high number of counts (edge-edge-case). The slug will not be cut down to 185 chars if it's an import.
We have recently optimised our hard limits, see #7932.
One optimisation which is missing are the soft limits. A soft limit is a limit which is defined within the application as validation condition - client and server side.
See original issue and discussion #4134.
e.g. it was suggested to increase the post title validation from 150 to 255.
We have to go over all soft limits and decide on a reasonable limit.
The text was updated successfully, but these errors were encountered: