Plone search view and context

Is there any reason to have the search view registered for all interfaces instead of the site root only?

IMO, this is a potential target for DDoS attacks.

Also, I don't see this package pinned for Plone 5.0; are we missing it?

In Plone 5 the code is part of Products.CMFPlone. Why do you think that is a possible DDOS-vector?

Perhaps it should be registered against INavigationRoot?

It's a common use case to provide an extended search form for a subtree of the site where the search root must not necessarily have INavigationRoot set. Leave it as it is.


In the past we have seen DDoS attacks on some of our sites using the search form; the search form is difficult to protect besides some sort of rate limiting.

Then maybe I need to override this only for us.

Any un-cached page on any web application can be used as a DDOS. You need other precautions in place in order to protect your site like WAF, failover, serve stale cache, cache pinning, etc.

If you have a particular site that is a target, I suggest you use something like collective.elasticindex and use js to return search results so it doesn't actually ever hit your site.

I'm evaluating that, thanks!