Skip to content

Feature: Add Timeouts to External API Calls #775

New issue
New issue
Open
#774
Open
Feature: Add Timeouts to External API Calls#775
#774
Labels
documentationdocumentation to be updatedenhancementImprovement to existing feature
@Eric-Butcher

Description

@Eric-Butcher
Eric-Butcher
opened on Aug 21, 2025

Description

Currently there are multiple places throughout ColdFront where external web requests are made to other APIs that do not have timeouts. These could in theory block and contribute to a DOS. Since there are many places throughout ColdFront where API requests are made, it would be best if administrators could provide a standard amount of time they would like to give for a web request to take before it times out.

  1. A setting REQUEST_TIMEOUT_SECONDS should be added to allow admins to configure by default how long arbitrary requests made by ColdFront should take before timing out.
  2. Timeouts should be added to all external API requests to prevent unintended DOS.
  3. Add linter rules to check that developers are using timeouts when calling to external services.

Component

No response

Additional information

Metadata
Metadata
Assignees
No one assigned
    Labels
    documentationdocumentation to be updatedenhancementImprovement to existing feature
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions