Skip to content

fix: trustless gateway returned blocks can be limited #791

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Jun 2, 2025
Merged

fix: trustless gateway returned blocks can be limited #791

merged 15 commits into from
Jun 2, 2025

Conversation

SgtPooki
Copy link
Member

@SgtPooki SgtPooki commented May 13, 2025
edited
Loading

  • fix: create utility function for limiting response bytes
  • fix: trustless gateway returned blocks can be limited

Title

fix: trustless gateway returned blocks can be limited

Description

Adds a new utility function limitedResponse that ensures the response body is less than a given byte limit.

This is done by:

  1. Validating that the content-length header is less than the limit, if not, an error is thrown.
  2. Consuming the response body until the limit is reached. If the response body is greater than the limit, an error is thrown.

Fixes #790

Notes & open questions

Change checklist

  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation if necessary (this includes comments as well)
  • I have added tests that prove my fix is effective or that my feature works

@SgtPooki SgtPooki requested a review from a team as a code owner May 13, 2025 16:26
@SgtPooki SgtPooki linked an issue May 13, 2025 that may be closed by this pull request
helia/http: configurable MaxBlockSize #790
Closed
SgtPooki
SgtPooki commented May 13, 2025
View reviewed changes
Copy link
Member Author

@SgtPooki SgtPooki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

self review

achingbrain
achingbrain requested changes May 13, 2025
View reviewed changes
Copy link
Member

@achingbrain achingbrain left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, a few nits inline.

@SgtPooki SgtPooki mentioned this pull request May 14, 2025
Open
@SgtPooki SgtPooki requested a review from achingbrain May 14, 2025 18:58
@SgtPooki
fix: dont await reader.cancel in finally
6ce5ff9 
use lowercase for logs; sentence case for error messages
@SgtPooki
Copy link
Member Author

FYI all of the requested changes have been made. lmk if I missed something. I'll look over all the code again now

SgtPooki
SgtPooki commented May 15, 2025
View reviewed changes
Copy link
Member Author

@SgtPooki SgtPooki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

self review

packages/block-brokers/src/trustless-gateway/utils.ts
* If the response contains a content-length header greater than the limit or the actual bytes returned are greater than
* the limit, an error is thrown.
*/
export async function limitedResponse (response: Response, byteLimit: number, options?: LimitedResponseOptions): Promise<Uint8Array> {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left the property name here as byteLimit but could change to maxSize if we want.. leaving for now

lidel
lidel reviewed May 16, 2025
View reviewed changes
@SgtPooki SgtPooki merged commit 7a52e95 into main Jun 2, 2025
18 checks passed
@SgtPooki SgtPooki deleted the 790-heliahttp-configurable-maxblocksize branch June 2, 2025 14:21
@achingbrain achingbrain mentioned this pull request Jun 2, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lidel lidel lidel left review comments

@achingbrain achingbrain Awaiting requested review from achingbrain

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

helia/http: configurable MaxBlockSize
3 participants
@SgtPooki @lidel @achingbrain