collective / collective.mailchimp

MailChimp integration for Plone.

Denial of service attack vector via blocking urllib3 call on form render #32

Open djay opened 7 years ago

djay commented 7 years ago

Not a scalable design. Any slowness on the mailchimp api or large number of requests brings down a whole cluster of zope instances.

...
Module collective.mailchimp.browser.portlet, line 89, in update
...
Module collective.mailchimp.browser.newsletter, line 52, in updateWidgets
...
Module collective.mailchimp.vocabularies, line 32, in interest_groups
Module collective.mailchimp.locator, line 60, in groups
...

Either

  1. save the list to the ZODB during control panel configuration and require the user to resave to update.
  2. support plone.app.async
  3. do your own separate thread to do background updates.
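One way to take the MailChimp call off the request path, combining options 1 and 3 above. This is an added illustration, not code from collective.mailchimp: `InterestGroupCache`, `fetch`, `refresh_now` and `wait_refresh` are hypothetical names, and the real `fetch` callable is assumed to make the urllib3 request with an explicit timeout.

```python
import threading
import time


class InterestGroupCache:
    """Hypothetical stand-in for a locator that hits the MailChimp API on every
    form render. Request threads only read the cached list; the network call
    runs at control panel save time (refresh_now) or in a single background
    thread (get), so a slow or unreachable API cannot pin the Zope workers."""

    def __init__(self, fetch, ttl=300.0, default=()):
        self._fetch = fetch          # callable doing the HTTP request; give it a timeout
        self._ttl = ttl              # seconds before the cached value counts as stale
        self._value = list(default)  # what forms render until the first refresh lands
        self._fetched_at = 0.0       # 0.0 means "stale" on first access
        self._lock = threading.Lock()
        self._thread = None

    def get(self):
        """Non-blocking: return the cached (possibly stale) list and start at
        most one background refresh once the entry has expired."""
        with self._lock:
            expired = time.monotonic() - self._fetched_at > self._ttl
            if expired and (self._thread is None or not self._thread.is_alive()):
                self._thread = threading.Thread(target=self._refresh, daemon=True)
                self._thread.start()
            return list(self._value)

    def refresh_now(self):
        """Blocking refresh for the control panel save action, the one place
        where waiting on MailChimp is acceptable."""
        self._refresh()
        return self.get()

    def wait_refresh(self, timeout=None):
        """Block until an in-flight background refresh finishes (tests, shutdown)."""
        thread = self._thread
        if thread is not None:
            thread.join(timeout)

    def _refresh(self):
        try:
            value = list(self._fetch())
        except Exception:
            # API down or timed out: keep serving the last good value.
            # A real implementation would log the failure here.
            return
        with self._lock:
            self._value = value
            self._fetched_at = time.monotonic()
```

Wiring `refresh_now` to the control panel save and `get` to the vocabulary means a form render never waits on the network, only on a lock held for microseconds.
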
tisto commented 7 years ago

@djay I am aware of this problem. Though, our initial project budget did not cover those use cases. So far, we never ran into this problem. plone.app.async support would be nice to have. Though, somebody would need to implement or sponsor this...