validate content size a la ssb-validate #2
Conversation
|
Proposal - think we might want to change out validation to what planetary is doing:
|
|
Thanks, well spotted. It seems that this validation was on my mind when I was writing this module, but for some reason I forgot it.
Gladly this module is not yet in production in Manyverse (it will be put this month into production!) so your PR came at the perfect time. I don't believe ssb-classic is used anywhere in production, maybe in Perihelion. Not sure. The style changes were driving me crazy in this PR, but I realized that that's because we didn't have .prettierrc (we should) and that format-code is run automatically for every commit. I now added the prettierrc config and it should revert some of the code style changes. |
|
Please take over and merge if it's patches |
|
@mixmix There's still a test that needs to be moved from ssbc/ssb-db2#394 to here. I won't "take over" this PR because it wasn't my initiative. I had other plans for my day. |
|
@staltz added tests |
|
Thanks! |
馃敟 馃悰
this module has been letting messages through that other peers consider invalid.
The reference implementation put a cap on the content size, see https://github.com/ssbc/ssb-validate/blob/main/index.js#L111
It appears that this module has not honoured that.
This means that there will likely be messages in the wild which are invalid for some peers and valid for others.
I think we need to consider how to handle that given it might have far reaching + feed-killing effects