Re: [PATCH] oauth: Prevent stack overflow by limiting JSON parse depth

2025-05-08 Thread Jacob Champion
On Thu, May 8, 2025 at 5:22 AM Aleksander Alekseev wrote:
> Thanks for the patch. It looks good to me. It's well documented and
> covered with tests. I can confirm that the tests pass. Also they fail
> if I decrease the $nesting_limit value to 15.

Thanks for the review!

--Jacob

Re: [PATCH] oauth: Prevent stack overflow by limiting JSON parse depth

2025-05-08 Thread Aleksander Alekseev
Hi Jacob,

> I forgot to put a recursion limit in the new OAuth parsers; the
> server-side depth checks don't apply to the client, and it's not using
> the incremental parser to move the burden from the stack to the heap.
> Luckily, we track the nesting level already, so a fix (attached) can
> be p