You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Socket.io's server uses a default value of 1MB for its maxHttpBufferSize option to reduce exposure to denial of service attacks. Cypress sets a value of 100MB today to match a previous default value and maintain passivity.
The max value should be increased to reduce the chance of reaching the limit. Documentation should also be added make the limit explicitly known, whether we increase it or not. The documentation may make the most sense around the readFile/writeFile commands and other commands where size may be a concern.
Why is this needed?
The current 100MB value seems arbitrary. Given that DoS attacks aren't a concern for our local server, we should be able to increase this value to the maximum supported value and ensure this isn't a limitation for users.
What would you like?
Socket.io's server uses a default value of 1MB for its
maxHttpBufferSize
option to reduce exposure to denial of service attacks. Cypress sets a value of 100MB today to match a previous default value and maintain passivity.The max value should be increased to reduce the chance of reaching the limit. Documentation should also be added make the limit explicitly known, whether we increase it or not. The documentation may make the most sense around the readFile/writeFile commands and other commands where size may be a concern.
Why is this needed?
The current 100MB value seems arbitrary. Given that DoS attacks aren't a concern for our local server, we should be able to increase this value to the maximum supported value and ensure this isn't a limitation for users.
Other
The maxHttpBufferSize will be bounded by Buffer's maximum size.
This was originally investigated as part of #3350.
The text was updated successfully, but these errors were encountered: