To shield the server from such unintentional "Denial of Service attacks", you can use server side paging. With server side paging, you configure the server such that only a limited number of rows are returned. There generally isn’t any conflict for the usage of client based and server based paging.

 

 

Feed (GET_ENTITYSET), Paging

To retrieve values for $top and $skip, use the following code:

lv_top  = io_tech_request_context->get_top( ).

lv_skip = io_tech_request_context->get_skip( ).

 

Call the RFC function module with or without the parameter MAXROWS only if $top has been passed as a query parameter by using the following lines of code:

*- get number of records requested
lv_top = io_tech_request_context->get_top( ).
*- get number of lines that should be skipped
lv_skip = io_tech_request_context->get_skip( ).

IF lv_top IS NOT INITIAL.

*- calculate number of rows that must be retrieved
lv_maxrows-bapimaxrow = lv_top + lv_skip.

CALL FUNCTION 'BAPI_EPM_PRODUCT_GET_LIST'
EXPORTING
MAX_ROWS = lv_maxrows

*- delete the entries that have to be skipped.
IF lv_skip IS NOT INITIAL.
DELETE et_entityset TO lv_skip.
ENDIF.