amp-autocomplete: should not fetch data if min-characters constraint is not satisfied.

ampproject / wg-amp4email

Responsible for the AMP4Email project. Facilitator: @nainar

Creative Commons Attribution 4.0 International

56 stars 14 forks source link

amp-autocomplete: should not fetch data if min-characters constraint is not satisfied. #26

Open dadhichaditya opened 2 years ago

dadhichaditya commented 2 years ago

As observed:

amp-autocomplete has an attribute min-characters which does not show the results in Gmail inbox if no. of characters typed are less than the attribute value; which is fine
but it actually hits the src endpoint to fetch emote data even if there is no intention of showing that data in inbox
ideally, min-characters value should be honoured before fetching remote data.
this increases the number of API hits tremendously

Also, what kind of security measures should be taken to avoid any misuse of API's. Read this but there is not example for implementing this #19

zhangsu commented 2 years ago

ideally, min-characters value should be honoured before fetching remote data.

Good idea! Agreed.

Also, what kind of security measures should be taken to avoid any misuse of API's. Read this but there is not example for implementing this https://github.com/ampproject/wg-amp4email/issues/19

We never got around to implementing that proposal. The current recommendation is still just https://amp.dev/documentation/guides-and-tutorials/learn/email_fundamentals/#authenticating-requests.