feat: limit gateway payload size
This commit is contained in:
parent
73a7a6acf6
commit
23036ca0aa
2 changed files with 8 additions and 2 deletions
|
@ -9,6 +9,7 @@ const Channel = require("../../../models/Channel");
|
||||||
const Message = require("../../../models/Message");
|
const Message = require("../../../models/Message");
|
||||||
const { parseMessage, packet } = require("./messageparser");
|
const { parseMessage, packet } = require("./messageparser");
|
||||||
const { checkToken } = require("../../../common/auth/authfunctions");
|
const { checkToken } = require("../../../common/auth/authfunctions");
|
||||||
|
const config = require("../../../config");
|
||||||
|
|
||||||
const wsCloseCodes = {
|
const wsCloseCodes = {
|
||||||
PAYLOAD_ERROR: [4001, "Error while handling payload"],
|
PAYLOAD_ERROR: [4001, "Error while handling payload"],
|
||||||
|
@ -19,7 +20,8 @@ const wsCloseCodes = {
|
||||||
NOT_AUTHORIZED: [4006, "Not authorized"],
|
NOT_AUTHORIZED: [4006, "Not authorized"],
|
||||||
FLOODING: [4007, "Flooding"],
|
FLOODING: [4007, "Flooding"],
|
||||||
NO_PING: [4008, "No ping"],
|
NO_PING: [4008, "No ping"],
|
||||||
UNSUPPORTED_ATTRIBUTE: [4009, "Unsupported attribute."],
|
UNSUPPORTED_ATTRIBUTE: [4009, "Unsupported attribute"],
|
||||||
|
ILLEGAL_PAYLOAD_SIZE: [4010, "Illegal payload size"],
|
||||||
};
|
};
|
||||||
|
|
||||||
const attributes = {
|
const attributes = {
|
||||||
|
@ -287,7 +289,10 @@ class GatewayServer {
|
||||||
ws.session = session;
|
ws.session = session;
|
||||||
ws.on("message", async (data, isBinary) => {
|
ws.on("message", async (data, isBinary) => {
|
||||||
try {
|
try {
|
||||||
if (isBinary || !ws.session) return ws.close(wsCloseCodes.PAYLOAD_ERROR[0], wsCloseCodes.PAYLOAD_ERROR[1]);
|
if (isBinary || !ws.session)
|
||||||
|
return ws.close(wsCloseCodes.PAYLOAD_ERROR[0], wsCloseCodes.PAYLOAD_ERROR[1]);
|
||||||
|
if (data.byteLength > config.gatewayMaxPayloadBytes)
|
||||||
|
return ws.close(wsCloseCodes.ILLEGAL_PAYLOAD_SIZE[0], wsCloseCodes.ILLEGAL_PAYLOAD_SIZE[0]);
|
||||||
const status = await this.handler.handleMessage(ws.session, parseMessage(data.toString()));
|
const status = await this.handler.handleMessage(ws.session, parseMessage(data.toString()));
|
||||||
if (status && status.error) {
|
if (status && status.error) {
|
||||||
return ws.close(status.error[0], status.error[1]);
|
return ws.close(status.error[0], status.error[1]);
|
||||||
|
|
|
@ -37,6 +37,7 @@ module.exports = {
|
||||||
tokenExpiresIn: "8h",
|
tokenExpiresIn: "8h",
|
||||||
gatewayPingInterval: 15000,
|
gatewayPingInterval: 15000,
|
||||||
gatewayPingCheckInterval: 4500,
|
gatewayPingCheckInterval: 4500,
|
||||||
|
gatewayMaxPayloadBytes: 4096,
|
||||||
clientFacingPingInterval: 14750,
|
clientFacingPingInterval: 14750,
|
||||||
bcryptRounds: 10,
|
bcryptRounds: 10,
|
||||||
experiments: {
|
experiments: {
|
||||||
|
|
Reference in a new issue