Plone search view and context

Is there any reason to have the search view registered for all interfaces instead of the site root only?

IMO, this is a potential target for DDoS attacks.

Also, I don't see this package pinned for Plone 5.0; are we missing it?

In Plone 5 the code is part of Products.CMFPlone. Why do you think that is a possible DDOS-vector?

Perhaps it should be registered against INavigationRoot?

It's a common use case to provide an extended search form for a subtree of the site where the search root must not necessarily have INavigationRoot set. Leave it as it is.

-aj

In the past we have seen DDoS attacks on some of our sites using the search form; the search form is difficult to protect besides some sort of rate limiting.

Then maybe I need to override this only for us.

Any un-cached page on any web application can be used as a DDOS. You need other precautions in place in order to protect your site like WAF, failover, serve stale cache, cache pinning, etc.

If you have a particular site that is a target, I suggest you use something like collective.elasticindex and use js to return search results so it doesn't actually ever hit your site.

I'm evaluating that, thanks!