Skip to content

Commit c63f3f5

Browse files
MasterPtatoMasterPtato
committed
fix(serverless): add headers validation (#2999)
1 parent e1eb922 commit c63f3f5

File tree

3 files changed

+33
-1
lines changed

3 files changed

+33
-1
lines changed

Cargo.lock

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/services/namespace/Cargo.toml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,10 @@ edition.workspace = true
99
anyhow.workspace = true
1010
gas.workspace = true
1111
internal.workspace = true
12+
reqwest.workspace = true
1213
rivet-api-builder.workspace = true
13-
rivet-api-util.workspace = true
1414
rivet-api-types.workspace = true
15+
rivet-api-util.workspace = true
1516
rivet-data.workspace = true
1617
rivet-error.workspace = true
1718
rivet-types.workspace = true

packages/services/namespace/src/ops/runner_config/upsert.rs

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,7 @@ pub async fn namespace_runner_config_upsert(ctx: &OperationCtx, input: &Input) -
4141
match &input.config {
4242
RunnerConfig::Serverless {
4343
url,
44+
headers,
4445
slots_per_runner,
4546
..
4647
} => {
@@ -51,6 +52,35 @@ pub async fn namespace_runner_config_upsert(ctx: &OperationCtx, input: &Input) -
5152
}));
5253
}
5354

55+
if headers.len() > 16 {
56+
return Ok(Err(errors::RunnerConfig::Invalid {
57+
reason: "too many headers (max 16)".to_string(),
58+
}));
59+
}
60+
61+
for (n, v) in headers {
62+
if n.len() > 128 {
63+
return Ok(Err(errors::RunnerConfig::Invalid {
64+
reason: format!("invalid header name: too long (max 128)"),
65+
}));
66+
}
67+
if let Err(err) = n.parse::<reqwest::header::HeaderName>() {
68+
return Ok(Err(errors::RunnerConfig::Invalid {
69+
reason: format!("invalid header name: {err}"),
70+
}));
71+
}
72+
if v.len() > 4096 {
73+
return Ok(Err(errors::RunnerConfig::Invalid {
74+
reason: format!("invalid header value: too long (max 4096)"),
75+
}));
76+
}
77+
if let Err(err) = v.parse::<reqwest::header::HeaderValue>() {
78+
return Ok(Err(errors::RunnerConfig::Invalid {
79+
reason: format!("invalid header value: {err}"),
80+
}));
81+
}
82+
}
83+
5484
// Validate slots per runner
5585
if *slots_per_runner == 0 {
5686
return Ok(Err(errors::RunnerConfig::Invalid {

0 commit comments

Comments
 (0)