increase max websocket read limit. protect frontend from exceeding the read limit. limit input size to 10k characters. (#606)

2025-01-02 18:39:05 +01:00 · 2024-04-25 15:07:41 -07:00 · 2024-04-25 15:07:41 -07:00 · 21d0dd076b
commit 21d0dd076b
parent 6e28151dad
5 changed files with 14 additions and 4 deletions
--- a/src/app/appconst.ts
+++ b/src/app/appconst.ts
@ -47,6 +47,8 @@ export const TabIcons = [
    "file",
 ];

+export const MaxWebSocketSendSize = 64 * 1024 - 100;
+
 // @ts-ignore
 export const VERSION = __WAVETERM_VERSION__;
 // @ts-ignore
--- a/src/app/workspace/cmdinput/textareainput.tsx
+++ b/src/app/workspace/cmdinput/textareainput.tsx
@ -13,6 +13,7 @@ import { getMonoFontSize } from "@/util/textmeasure";
 import * as appconst from "@/app/appconst";

 type OV<T> = mobx.IObservableValue<T>;
+const MaxInputLength = 10 * 1024;

 function pageSize(div: any): number {
    if (div == null) {
@ -616,7 +617,7 @@ class TextAreaInput extends React.Component<{ screen: Screen; onHeightChange: ()
                    <CmdInputKeybindings inputObject={this}></CmdInputKeybindings>
                </If>
                <If condition={renderHistoryKeybindings}>
-                    <HistoryKeybindings inputObject={this}></HistoryKeybindings>
+                    <HistoryKeybindings></HistoryKeybindings>
                </If>

                <If condition={!util.isBlank(shellType)}>
@ -637,6 +638,7 @@ class TextAreaInput extends React.Component<{ screen: Screen; onHeightChange: ()
                    onChange={this.onChange}
                    onSelect={this.onSelect}
                    placeholder="Type here..."
+                    maxLength={MaxInputLength}
                    className={cn("textarea", { "display-disabled": auxViewFocused })}
                ></textarea>
                <input
--- a/src/models/ws.ts
+++ b/src/models/ws.ts
@ -5,6 +5,7 @@ import * as mobx from "mobx";
 import { sprintf } from "sprintf-js";
 import { boundMethod } from "autobind-decorator";
 import dayjs from "dayjs";
+import * as appconst from "@/app/appconst";

 class WSControl {
    wsConn: any;
@ -171,7 +172,13 @@ class WSControl {
        if (!this.open.get()) {
            return;
        }
-        this.wsConn.send(JSON.stringify(data));
+        let msg = JSON.stringify(data);
+        const byteSize = new Blob([msg]).size;
+        if (byteSize > appconst.MaxWebSocketSendSize) {
+            console.log("ws message too large", byteSize, data.type, msg.substring(0, 100));
+            return;
+        }
+        this.wsConn.send(msg);
    }

    pushMessage(data: any) {
--- a/wavesrv/cmd/main-server.go
+++ b/wavesrv/cmd/main-server.go
@ -990,7 +990,6 @@ func doShutdown(reason string) {
 }

 func configDirHandler(w http.ResponseWriter, r *http.Request) {
-	log.Printf("running?")
 	configPath := r.URL.Path
 	configFullPath := path.Join(scbase.GetWaveHomeDir(), configPath)
 	dirFile, err := os.Open(configFullPath)
--- a/wavesrv/pkg/wsshell/wsshell.go
+++ b/wavesrv/pkg/wsshell/wsshell.go
@ -119,7 +119,7 @@ func (ws *WSShell) ReadPump() {
 	defer func() {
 		ws.Conn.Close()
 	}()
-	ws.Conn.SetReadLimit(4096)
+	ws.Conn.SetReadLimit(64 * 1024)
 	ws.Conn.SetReadDeadline(time.Now().Add(readWait))
 	for {
 		_, message, err := ws.Conn.ReadMessage()