Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce JSON-RPC response size limits #2201

Merged
merged 4 commits into from
Feb 21, 2024
Merged

Enforce JSON-RPC response size limits #2201

merged 4 commits into from
Feb 21, 2024

Conversation

FrederikBolding
Copy link
Member

Enforces a size limit on JSON-RPC responses from Snaps, throwing an error if the object is larger than 64 MB.

64 MB was chosen because it seems to be the limit set by Chrome for postMessage between the extension and dapps: https://source.chromium.org/chromium/chromium/src/+/main:extensions/renderer/api/messaging/messaging_util.cc;l=65?q=%22Message%20length%20exceeded%20maximum%20allowed%20length%22&ss=chromium

@FrederikBolding FrederikBolding marked this pull request as ready for review February 20, 2024 16:09
@FrederikBolding FrederikBolding requested a review from a team as a code owner February 20, 2024 16:09
@codecov Codecov
Copy link

codecov bot commented Feb 20, 2024
edited
Loading

Codecov Report

Attention: 2 lines in your changes are missing coverage. Please review.

Comparison is base (928bd7f) 96.58% compared to head (e835981) 96.58%.

Files Patch % Lines
...s/snaps-execution-environments/src/common/utils.ts 75.00% 2 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2201   +/-   ##
=======================================
  Coverage   96.58%   96.58%           
=======================================
  Files         332      332           
  Lines        7556     7564    +8     
  Branches     1170     1171    +1     
=======================================
+ Hits         7298     7306    +8     
  Misses        258      258

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

hmalik88
hmalik88 reviewed Feb 20, 2024
View reviewed changes
packages/snaps-execution-environments/src/common/utils.ts
* @param response - The response.
* @returns True if the response is valid, otherwise false.
*/
export function isValidResponse(response: Record<string, unknown>) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have a test for this function, but codecov is saying these lines are uncovered? 🤔

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, utils.ts has better coverage in the browser tests and therefore that is chosen when merging the two coverage reports. Not much we can do about this right now 🤷‍♂️

@FrederikBolding FrederikBolding merged commit fa692b3 into main Feb 21, 2024
149 of 150 checks passed
@FrederikBolding FrederikBolding deleted the fb/json-rpc-response-limits branch February 21, 2024 14:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hmalik88 hmalik88 hmalik88 left review comments

@Mrtenz Mrtenz Mrtenz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@FrederikBolding @Mrtenz @hmalik88