-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Statically allocating space for 16 headers is too few for redirects from some OAuth providers #21
Comments
A quick note: |
For what it's worth, you're the first one to tell me about this. What's weird is that google is exactly the reason i created this plugin so it's probably the most tested oauth provider - i guess something changed. Do you have a rough estimate on the amount of headers? |
On a fresh Chrome profile, the redirect appears to send exactly 16 headers. However, some users may use browser extensions or have an application-level firewall that adds extra headers to HTTP requests, which is how I ended up with some in the 17-19 range and a TCP server crash without warning or message. I added space for 32 headers in my own app just to account for the case where there are extra headers. Whether or not this is important enough to warrant additional space allocated in the handler function is up to you. I just wanted to bring this to your attention :) Here are all of the incoming headers for one request:
|
tauri-plugin-oauth/src/lib.rs
Line 114 in 50dadbf
Google's OAuth API for web apps will send more than 16 headers, which causes this line:
tauri-plugin-oauth/src/lib.rs
Line 116 in 50dadbf
To throw:
For my use case.
Is this behavior present and noticeable for other users of this plugin?
The text was updated successfully, but these errors were encountered: