From cdfcdf47728e469d5e57d86b3eb1b809a18d8eae Mon Sep 17 00:00:00 2001
From: Daniel Quinn <code@danielquinn.org>
Date: Mon, 20 Jul 2015 16:04:20 +0200
Subject: [PATCH] Set a default max_limit based on api_settings

With a default of `None`, this can allow for some scary requests, even when `MAX_PAGINATE_BY` is set.  If we set `max_limit` to the global default, the behaviour is more predictable.
---
 rest_framework/pagination.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rest_framework/pagination.py b/rest_framework/pagination.py
index a171c684f..d86c6870e 100644
--- a/rest_framework/pagination.py
+++ b/rest_framework/pagination.py
@@ -341,7 +341,7 @@ class LimitOffsetPagination(BasePagination):
     default_limit = api_settings.PAGE_SIZE
     limit_query_param = 'limit'
     offset_query_param = 'offset'
-    max_limit = None
+    max_limit = api_settings.MAX_PAGINATE_BY
     template = 'rest_framework/pagination/numbers.html'
 
     def paginate_queryset(self, queryset, request, view=None):