@@ -407,7 +407,7 @@ def to_html(self):
407407
408408class CursorPagination (BasePagination ):
409409 """
410- The cursor pagination implementation is neccessarily complex.
410+ The cursor pagination implementation is necessarily complex.
411411 For an overview of the position/offset style we use, see this post:
412412 http://cramer.io/2011/03/08/building-cursors-for-the-disqus-api
413413 """
@@ -417,6 +417,12 @@ class CursorPagination(BasePagination):
417417 ordering = '-created'
418418 template = 'rest_framework/pagination/previous_and_next.html'
419419
420+ # The offset in the cursor is used in situations where we have a
421+ # nearly-unique index. (Eg millisecond precision creation timestamps)
422+ # We guard against malicious users attempting to cause expensive database
423+ # queries, by having a hard cap on the maximum possible size of the offset.
424+ offset_cutoff = 1000
425+
420426 def paginate_queryset (self , queryset , request , view = None ):
421427 self .page_size = self .get_page_size (request )
422428 if not self .page_size :
@@ -647,18 +653,12 @@ def decode_cursor(self, request):
647653 if encoded is None :
648654 return None
649655
650- # The offset in the cursor is used in situations where we have a
651- # nearly-unique index. (Eg millisecond precision creation timestamps)
652- # We guard against malicious users attempting to cause expensive database
653- # queries, by having a hard cap on the maximum possible size of the offset.
654- OFFSET_CUTOFF = 1000
655-
656656 try :
657657 querystring = b64decode (encoded .encode ('ascii' )).decode ('ascii' )
658658 tokens = urlparse .parse_qs (querystring , keep_blank_values = True )
659659
660660 offset = tokens .get ('o' , ['0' ])[0 ]
661- offset = _positive_int (offset , cutoff = OFFSET_CUTOFF )
661+ offset = _positive_int (offset , cutoff = self . offset_cutoff )
662662
663663 reverse = tokens .get ('r' , ['0' ])[0 ]
664664 reverse = bool (int (reverse ))
0 commit comments