id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
13632	lack of builtin range checking of id fields	anonymous	None	"The lack of builtin range checking for id fields is a vulnerability.

{{{
/service/docserver/papers/3/ --> produces a document
/service/docserver/papers/6578/ --> produces 404 page
/service/docserver/papers/9999999999999999999/ --> throws OverflowError
}}}

Traceback is at http://paste.pocoo.org/show/218865/

I think the last case should throw !DoesNotExist instead of causing server error.
In the case at hand I used generic views and sqlite3 DB backend.
Of course, one can check this himself all over the places, however that would be against the DRY principle.
Not to mention, it would be complicated when using generic views.

"		closed	Documentation	dev		wontfix			Unreviewed	0	0	0	0	0	0