-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
Cloudbees Jenkins 14.11
When users are using the rest api interface with a folder, the depth limit allows very large amounts of data to be returned, which can overload Jenkins.
There is no way to stop this in Jenkins, only by using apache in front of Jenkins and blocking patterns and query strings is this possible.
CB published an article on how to use tree to limit this
https://www.cloudbees.com/blog/taming-jenkins-json-api-depth-and-tree
I would interpret this as a more general request for a way to block any Api.doJson/Xml call if tree were omitted.