Hacker News new | past | comments | ask | show | jobs | submit login

> why?

  while true:
    select count(*) from huge_table
thats why.



1.if that table is a materialized view with columnstore index then you can run it as many times as you want.

2. always hide postgREST behind API gateway/load balancer/waf/ids+ips/rate limiter and you will be more secure from stuff lile this


You can setup a view (accessed by postgrest) that returns an error when there are no (correct) filters in the query so that takes care of select *... problem (also you can have the same logic in the proxy (nginx) layer




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: