[MGNLPN-513] Document the un-obvious implications of StorageAwareTraitCollector Created: 02/Nov/20  Updated: 23/Aug/22

Status: Open
Project: Magnolia Personalization
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Neutral
Reporter: Aleksandr Pchelintcev Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
relation
is related to MGNLPN-512 Reduce the scope of CountryDetectorFi... Open
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Documentation update required:
Yes
Team: AuthorX

 Description   

Explain in JavaDoc (and potentially the real doc) the implications of using the StorageAwareTraitCollector:

  • that it creates a session even if it doesn't exist (for anon user)
  • that due to the above it might be prone to DoS attacks
  • that the user should be fully aware of that and take such responsibility on themselves.

Generated at Mon Feb 12 06:38:23 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.