Restrict short queries at API level#11485
Merged
cdrini merged 2 commits intointernetarchive:masterfrom Nov 26, 2025
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds API-level validation to restrict short search queries (less than 3 characters) and block specific queries like "the" from being processed by the search API. This helps reduce load on the search infrastructure by preventing ineffective or resource-intensive queries.
- Query validation is added to both the legacy web.py endpoint (
/search) and the FastAPI endpoint (/search.json) - Short queries (< 3 characters) and blocked queries return HTTP 422 with descriptive error messages
- Frontend autocomplete logic is updated to use case-insensitive comparison for blocked queries
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| openlibrary/plugins/worksearch/code.py | Adds query validation to the legacy search API endpoint, checking for query length and blocked queries, moves Content-Type header setting before validation |
| openlibrary/fastapi/search.py | Adds query validation to the FastAPI search endpoint with the same checks for query length and blocked queries |
| openlibrary/plugins/openlibrary/js/SearchBar.js | Fixes the blocked query check to use case-insensitive comparison, matching the backend behavior |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
cdrini
added
the
Patch Deployed
cdrini
force-pushed
the
perf/solr-short-queries
branch
from
37c5810 to
2ac1305
Compare
cdrini
added
the
Theme: Performance
cdrini
force-pushed
the
perf/solr-short-queries
branch
from
4945eac to
fbb34f8
Compare
github-project-automation
bot
moved this to Waiting Review/Merge from Staff
in Ray's Project
RayBB
approved these changes
Nov 26, 2025
Collaborator
RayBB
left a comment
RayBB
left a comment
There was a problem hiding this comment.
This is exactly what we want. I like that we give a nice error too!
github-project-automation
bot
moved this from Waiting Review/Merge from Staff
to Done
in Ray's Project
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #11271 . Was noticing a good number of these in our solr logs for
TheorTHEoraor*taking 10s+ and hitting the timeout, coming from the search.json api.Technical
Testing
Put on prod before the second commit, and monitoring performance. No longer seeing these in the logs!
NOTE: This is will prevent some real usecases, like searching for Stephen King's It via the API -- which doesn't time out.
Screenshot
Stakeholders