limit response for HTTP adapters to 32kb #1278
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dimroc
force-pushed
the
chores/limit-http-get
branch
from
75560ae to
23ab08c
Compare
j16r
reviewed
May 28, 2019
| // too (it returns (0, nil) even at EOF). | ||
| toRead = 1 | ||
| } | ||
| if int64(len(p)) > toRead { |
There was a problem hiding this comment.
Would it be better to use a uint64 here for toRead and remaining to avoid an overflow?
There was a problem hiding this comment.
I kept it as a int64 because this variable is also shared with the RequestSizeLimiter, used in router.go as middleware, and takes an int64.
engine.Use(
limits.RequestSizeLimiter(config.DefaultHTTPLimit()), // <--- int64 also used here
loggerFunc(),
gin.Recovery(),
cors,
secureMiddleware(config),
)https://github.com/gin-contrib/size/blob/master/size.go#L79
func RequestSizeLimiter(limit int64) gin.HandlerFunc {Wanted to avoid punting the overflow to when I cast a uint64 to int64. I'm indifferent though, so open to suggestions.
| func TestHttpAdapters_NotAUrlError(t *testing.T) { | ||
| t.Parallel() | ||
|
|
||
| store := leanStore() |
| if err == io.EOF { | ||
| mbr.sawEOF = true | ||
| } | ||
| if mbr.remaining == 0 { |
There was a problem hiding this comment.
Why would we cal mbr.rc.Read if mbr.remaining == 0?
There was a problem hiding this comment.
I believe this is captured in this comment, but let's chat offline about it:
// The underlying io.Reader may not return (0, io.EOF)
// at EOF if the requested size is 0, so read 1 byte
// instead. The io.Reader docs are a bit ambiguous
// about the return value of Read when 0 bytes are
// requested, and {bytes,strings}.Reader gets it wrong
// too (it returns (0, nil) even at EOF).
Referenced from: https://github.com/gin-contrib/size/blob/master/size.go#L33
j16r
approved these changes
May 29, 2019
mateusz-sekara
pushed a commit
that referenced
this pull request
Aug 20, 2024
## Motivation Static price removal job rollout will be delayed to after 1.5 release. To unblock db load concerns in 1.4.21 which writes prices to db, we want to reduce number of token-price related insertions in db. ## Solution Separate gas price and token price insertion frequency, insert every 10 minutes for token price. 10-min resolution for token price is accurate enough for our use case.
github-merge-queue bot
pushed a commit
that referenced
this pull request
Aug 20, 2024
* Separate token price reporting schedule (#1278) ## Motivation Static price removal job rollout will be delayed to after 1.5 release. To unblock db load concerns in 1.4.21 which writes prices to db, we want to reduce number of token-price related insertions in db. ## Solution Separate gas price and token price insertion frequency, insert every 10 minutes for token price. 10-min resolution for token price is accurate enough for our use case. * Changeset --------- Co-authored-by: Chunkai Yang <[email protected]>
asoliman92
pushed a commit
that referenced
this pull request
Aug 28, 2024
## Motivation Static price removal job rollout will be delayed to after 1.5 release. To unblock db load concerns in 1.4.21 which writes prices to db, we want to reduce number of token-price related insertions in db. ## Solution Separate gas price and token price insertion frequency, insert every 10 minutes for token price. 10-min resolution for token price is accurate enough for our use case.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Note that this implementation ignores http header
Content-Lengthbecause a malicious user could lie, and we would have to count the bytes of the payload anyways.