cole-bq commented on code in PR #1838:
URL: https://github.com/apache/tinkerpop/pull/1838#discussion_r1030821110
##########
gremlin-server/src/main/java/org/apache/tinkerpop/gremlin/server/channel/WebSocketChannelizer.java:
##########
@@ -108,7 +109,7 @@ public void configure(final ChannelPipeline pipeline) {
closeOnProtocolViolation(false).allowExtensions(true).maxFramePayloadLength(settings.maxContentLength).build();
pipeline.addLast(PIPELINE_REQUEST_HANDLER, new
WebSocketServerProtocolHandler(GREMLIN_ENDPOINT,
null, false, false, 10000L, wsDecoderConfig));
-
+ pipeline.addLast("ws-user-agent-handler", new WsUserAgentHandler());
Review Comment:
Unfortunately in my tests, the user agent handler always triggers before the
authentication handler regardless of the order the handlers are added to the
pipeline. This is the order of events as I understand it:
The handshake is completely controlled by Netty's
`WebSocketServerProtocolHandler`. When the handshake is completed, that handler
fires off a `WebSocketServerProtocolHandler.HandshakeComplete` event which
contains the request headers with the user agent. This event is the only
reasonable place I am aware of that the user agent can be extracted. After this
event has fired, the handshake is complete and the connection has been
successfully upgraded to a web socket connection. The authentication and
authorization handlers then do their work by exchanging messages with the
client through the open web socket connection. This cannot be done until after
the web socket has been established.
I don't see any good way to delay the user agent handler from triggering
until after authentication. We will need to rely on the maxHeaderSize config
limiting the size of any incoming header. I have added a change which imposes a
hard limit of 10000 to the number of unique user agents being added to the
metrics to protect against a malicious user trying to fill memory with millions
of garbage user agents.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
