From 16d4242d4a13277011e668085d107197e66a8f85 Mon Sep 17 00:00:00 2001 From: AlexD10S Date: Tue, 11 Feb 2025 19:25:34 +0100 Subject: [PATCH 1/2] fix: increase DefaultBodyLimit to prevent large payload failures --- crates/pop-cli/src/wallet_integration.rs | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/crates/pop-cli/src/wallet_integration.rs b/crates/pop-cli/src/wallet_integration.rs index 92e3395e..ff1b9125 100644 --- a/crates/pop-cli/src/wallet_integration.rs +++ b/crates/pop-cli/src/wallet_integration.rs @@ -1,4 +1,5 @@ use axum::{ + extract::DefaultBodyLimit, http::HeaderValue, response::Html, routing::{get, post}, @@ -116,7 +117,8 @@ impl WalletIntegrationManager { .route("/error", post(routes::error_handler).with_state(state.clone())) .route("/terminate", post(routes::terminate_handler).with_state(state.clone())) .merge(frontend.serve_content()) // Custom route for serving frontend. - .layer(cors); + .layer(cors) + .layer(DefaultBodyLimit::max(15 * 1024 * 1024)); let url_owned = server_url.to_string(); @@ -546,6 +548,19 @@ mod tests { assert_eq!(actual_payload.chain_rpc, expected_payload.chain_rpc); assert_eq!(actual_payload.call_data, call_data_5mb); + let encoded_payload: String = call_data_5mb.iter().map(|b| format!("{:02x}", b)).collect(); + let client = reqwest::Client::new(); + let response = client + .post(&format!("{}/submit", addr)) + .json(&encoded_payload) + .send() + .await + .expect("Failed to send large payload"); + + assert!(response.status().is_success()); + let error = wim.take_error().await; + assert!(error.is_none()); + wim.terminate().await.expect("Termination should not fail."); assert!(wim.task_handle.await.is_ok()); } From 7d7972061447b40cf677d6d9424687fa6f82c2ba Mon Sep 17 00:00:00 2001 From: AlexD10S Date: Tue, 11 Feb 2025 21:47:27 +0100 Subject: [PATCH 2/2] test: increase coverage testing with larger than MAX_PAYLOAD_SIZE --- crates/pop-cli/src/wallet_integration.rs | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/crates/pop-cli/src/wallet_integration.rs b/crates/pop-cli/src/wallet_integration.rs index ff1b9125..8304b7d5 100644 --- a/crates/pop-cli/src/wallet_integration.rs +++ b/crates/pop-cli/src/wallet_integration.rs @@ -14,6 +14,8 @@ use tokio::{ }; use tower_http::{cors::Any, services::ServeDir}; +const MAX_PAYLOAD_SIZE: usize = 15 * 1024 * 1024; + /// Make frontend sourcing more flexible by allowing a custom route to be defined. pub trait Frontend { /// Serves the content via a [Router]. @@ -118,7 +120,7 @@ impl WalletIntegrationManager { .route("/terminate", post(routes::terminate_handler).with_state(state.clone())) .merge(frontend.serve_content()) // Custom route for serving frontend. .layer(cors) - .layer(DefaultBodyLimit::max(15 * 1024 * 1024)); + .layer(DefaultBodyLimit::max(MAX_PAYLOAD_SIZE)); let url_owned = server_url.to_string(); @@ -561,6 +563,20 @@ mod tests { let error = wim.take_error().await; assert!(error.is_none()); + let call_data_15mb = vec![99u8; MAX_PAYLOAD_SIZE + 1]; + let encoded_oversized_payload: String = + call_data_15mb.iter().map(|b| format!("{:02x}", b)).collect(); + let response = client + .post(&format!("{}/submit", addr)) + .json(&encoded_oversized_payload) + .send() + .await; + + assert!( + response.is_err() || + response.unwrap().status() == reqwest::StatusCode::PAYLOAD_TOO_LARGE + ); + wim.terminate().await.expect("Termination should not fail."); assert!(wim.task_handle.await.is_ok()); }