fix(envoy-client): remove native websocket input limits#5396
Conversation
ReviewMain concern: unbounded WebSocket message/frame size at an untrusted boundary
By contrast, Test placement: new file should live under
|
8e10574 to
aeeae99
Compare
|
🚅 Deployed to the rivet-pr-5396 environment in rivet-frontend
|
b50153f to
7d55b4f
Compare
7d55b4f to
e0aac20
Compare
bbe89d3 to
c4c500b
Compare
c4c500b to
26a111c
Compare
ReviewGood fix for a real bug (Tungstenite's default 16 MiB message limit disconnecting the native envoy client), and nice to see both a unit test and a guard-to-envoy integration test added. A few things worth addressing before merge: Correctness / repo conventions
Security / defense-in-depth
Test coverage
Unrelated-but-necessary change
Overall: the core fix direction is right, but please fix the commit message before merge, relocate/reshape the tests per the repo's stated conventions, and reconsider using an explicit bounded limit instead of fully unbounded for the untrusted envoy-to-engine leg. |
MessageTooLong, then verify both pass with the unlimited native configuration restored.cargo test -p rivet-envoy-client,cargo check -p rivetkit-core,cargo check -p rivetkit-napi, andcargo test -p rivet-engine --test envoy_large_payload.