New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
issue #5247 add restriction when rendering large message #5248
Conversation
From Roma from #4841
|
@sosnovsky may I hear your suggestion about the following:
Is it acceptable to repeat the same file 50 times during testing for inline attachments? Also, since RSA keys tend to have larger ASCII armor compared to ECC curve keys, can we generate an ECC key and include 50 copies of the same key within the encrypted message for testing purposes? |
Yes, I think it's acceptable to use the same file and same key for testing purposes, as here our main goal is to test extension performance with big number of attachments. |
…ge-encrypted-message
Thanks @sosnovsky I have completed the test and this is what I observed. The FlowCrypt browser extension was able to render 50 inline public keys and 50 inline attachments (via ECP page) without any issues. However, it crashes when trying to render a regular public key attachment with approximately ~800 bytes (ecc curve key). Although occasionally it can still be rendered successfully, there is a greater chance of failure. After conducting several tests, I found that the extension can manage up to 40 regular public key attachments, but this might vary depending on the user's computer device specifications. 50 inline public key: https://mail.google.com/mail/u/flowcrypt.compatibility@gmail.com/#inbox/FMfcgzGsnLNMchfzwnbrkjKdsbLcgWxB |
It seems that the attachment in an encrypted MIME message is not recognized by the FlowCrypt browser extension. Sample encrypted mime message: https://mail.google.com/mail/u/flowcrypt.compatibility@gmail.com/#inbox/FMfcgzGsnLNMcnLqxmcDmbBfNbZbnJfr |
Do you think this PR is good for implementing the large text restriction? In my opinion, we should settle the following on another PR?
|
Does it crash browser or just some error is shown? Is there any message in console?
Yes, let's implement only max text length restriction in current PR. For attachments limit we should better think about possible implementation, as it can work well for 100 small attachments, but also can fail for 50 public keys attachments. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Current implementation works well for text-only message, but if message include some inline images then it's trimmed incorrectly. I tried to send email with such content (using Rich text (PGP/MIME)
in Firefox):
Please check this image:
[100kb inline image]
When recipient receives this message then shown content is only Please check this image:
, as image exceeds 50000 size limit. decryptedContent
for this message looks like this:
<div dir="ltr">Please check this image:<br></div><div><br></div><div><img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAASABIAAD....
I also checked how Gmail trims long messages - it has size limit 102kb, but this includes only message html code, without inline attachments. So let's make our trimming similar to Gmail:
- increase limit from 50000 to 100000
- don't include inline attachments data in this limit
60b7475
to
9fae03d
Compare
Thank you very much for sharing it. I have updated the code and the test. I have to remove the test for signed mime messages for large messages because it is now too large for Gmail to handle (100k + mime messages). Hence, I just replaced it with another that ensures that data belonging to an inline message would not be part of the decrypt content length evaluation. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Works well 👍
This PR This PR adds restriction when rendering large message that goes beyond 50k characters.
close #5247
Tests (delete all except exactly one):
To be filled by reviewers
I have reviewed that this PR... (tick whichever items you personally focused on during this review):