New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terminate unauthenticated connections after a timeout #226
Labels
Comments
yasserf
added a commit
that referenced
this issue
Jul 27, 2016
yasserf
added a commit
that referenced
this issue
Jul 27, 2016
timaschew
added a commit
that referenced
this issue
Jul 28, 2016
…nections Conflicts: CHANGELOG.md src/message/connection-endpoint.js
yasserf
added a commit
that referenced
this issue
Jul 28, 2016
yasserf
added a commit
that referenced
this issue
Jul 28, 2016
yasserf
added a commit
that referenced
this issue
Jul 28, 2016
yasserf
added a commit
that referenced
this issue
Jul 28, 2016
…thenticated-connections Feature/#226 terminate unauthenticated connections
jaime-ez
pushed a commit
to jaime-ez/deepstream.io
that referenced
this issue
Feb 20, 2024
* provide accept and reject as property of the third argument in the listen callback * add link to deprecated issue * fix some listening issues - unlisten and listen - ignore pattern removed after unlistening - ignore has provider after discarding * Adding new-e2e gherkin tests to build
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Deepstream allows every client to establish a connection, but keeps it in a quarantine state until it is authenticated. Currently, unauthenticated connections are kept indefinitely. This might lead to an attack angle of clogging deepstream up with unauthenticated connections. We could mitigate that by forcefully disconnecting unauthenticated connections after a pre-defined timeout.
The text was updated successfully, but these errors were encountered: