Increase default incoming_queue_length limit, log warning when a client violates it (#3171)

gefjon · web-flow · commit 3feed08ceda9 · 2025-08-14T22:18:33.000Z
# Description of Changes Closes #3170 . Commit messages: ### Increase the default incoming-queue-length limit 2048 turned out to be too low a value for BitCraft, as their world upload process requests on the order of 6000 reducers very rapidly. We still feel that having a limit is valuable to prevent malicious or misguided clients from taking an arbitrarily large amount of host memory, so we bump the value to give us a wide safety error for BitCraft's needs but don't remove the limit entirely. ### Add log at `warn` when the host disconnects a client due to too many requests # API and ABI breaking changes N/a # Expected complexity level and risk 1 # Testing - [x] @mamcx to run a BitCraft bot test.
diff --git a/crates/client-api/src/routes/subscribe.rs b/crates/client-api/src/routes/subscribe.rs
@@ -296,7 +296,7 @@ pub struct WebSocketOptions {
     ///
     /// If this number is exceeded, the client is disconnected.
     ///
-    /// Default: 2048
+    /// Default: 16384
     #[serde(default = "WebSocketOptions::default_incoming_queue_length")]
     pub incoming_queue_length: NonZeroUsize,
 }
@@ -311,7 +311,7 @@ impl WebSocketOptions {
     const DEFAULT_PING_INTERVAL: Duration = Duration::from_secs(15);
     const DEFAULT_IDLE_TIMEOUT: Duration = Duration::from_secs(30);
     const DEFAULT_CLOSE_HANDSHAKE_TIMEOUT: Duration = Duration::from_millis(250);
-    const DEFAULT_INCOMING_QUEUE_LENGTH: NonZeroUsize = NonZeroUsize::new(2048).expect("2048 > 0, qed");
+    const DEFAULT_INCOMING_QUEUE_LENGTH: NonZeroUsize = NonZeroUsize::new(16384).expect("16384 > 0, qed");
 
     const DEFAULT: Self = Self {
         ping_interval: Self::DEFAULT_PING_INTERVAL,
@@ -826,7 +826,9 @@ fn ws_recv_queue(
         log::warn!("client {client_id} sent message after close or error");
     };
 
-    let (tx, rx) = mpsc::channel(state.config.incoming_queue_length.get());
+    let max_incoming_queue_length = state.config.incoming_queue_length.get();
+
+    let (tx, rx) = mpsc::channel(max_incoming_queue_length);
     let rx = MeteredReceiverStream {
         inner: MeteredReceiver::with_gauge(
             rx,
@@ -842,6 +844,8 @@ fn ws_recv_queue(
                 match e {
                     // If the queue is full, disconnect the client.
                     mpsc::error::TrySendError::Full(item) => {
+                        let client_id = state.client_id;
+                        log::warn!("Client {client_id} exceeded incoming_queue_length limit of {max_incoming_queue_length} requests");
                         // If we can't send close (send task already terminated):
                         //
                         // - Let downstream handlers know that we're closing,
