Skip to content

Commit

Permalink
Add limits to the number of router rule registration (#1752)
Browse files Browse the repository at this point in the history 
Limitations are set to the following values:
* max conditions: 1024
* max depth: 10
(Please see the PR description to understand how they are counted)

TypeError on exceeding the limits.

---------

Co-authored-by: Yoshisato Yanagisawa <[email protected]>
Co-authored-by: Domenic Denicola <[email protected]>
  • Loading branch information
@sisidovski @yoshisatoyanagisawa @domenic
3 people authored Feb 10, 2025
1 parent b6ac20c commit b05ac32
Showing 1 changed file with 50 additions and 0 deletions.
50 changes: 50 additions & 0 deletions docs/index.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1602,6 +1602,10 @@ spec: storage; urlPrefix: https://storage.spec.whatwg.org/
};
</pre>

A <dfn id="dfn-count-router-condition-result">count router condition result</dfn> is a [=struct=] that consists of:
* A <dfn id="dfn-count-router-condition-result-condition-count" for="count router condition result">condition count</dfn> (a number).
* A <dfn id="dfn-dfn-count-router-condition-result-quota-exceeded" for="count router condition result">quota exceeded</dfn> (a boolean).

<section>
<h4 id="register-router-method">{{InstallEvent/addRoutes(rules)|event.addRoutes(rules)}}</h4>

Expand Down Expand Up @@ -1629,6 +1633,7 @@ spec: storage; urlPrefix: https://storage.spec.whatwg.org/
1. For each |rule| of |rules|:
1. Append |rule| to |allRules|.

1. If running the [=Check Router Registration Limit=] with |allRules| returns false, reject |promise| with a {{TypeError}}.
1. Set |serviceWorker|'s [=service worker/list of router rules=] to |allRules|.
1. Let |serviceWorkerEventLoop| be the [=current global object=]'s [=event loop=].
1. [=Queue a task=] to run the following steps on |serviceWorkerEventLoop| using the [=DOM manipulation task source=]:
Expand Down Expand Up @@ -3473,6 +3478,51 @@ spec: storage; urlPrefix: https://storage.spec.whatwg.org/
1. Return true.
</section>

<section algorithm>
<h3 id="check-router-registration-limit"><dfn>Check Router Registration Limit</dfn></h3>

: Input
:: |routerRules|, a [=list of router rules=]
: Output
:: a boolean

Note: Router conditions can be complex and nested using {{RouterCondition/_or}} and {{RouterCondition/not}}. To prevent excessive processing, this algorithm introduces two limits. First, the total number of conditions, counting all nested conditions, cannot exceed 1024. Second, the nesting depth is limited to 10 levels to avoid exponential computation.

1. Let |result| be a [=count router condition result=].
1. Set |result|'s [=count router condition result/condition count=] to 1024.
1. Set |result|'s [=count router condition result/quota exceeded=] to false.
1. [=list/For each=] |rule| of |routerRules|:
1. Set |result| to be the result of running [=Count Router Inner Conditions=] with |rule|["{{RouterRule/condition}}"], |result|, and 10.
1. If |result|'s [=count router condition result/quota exceeded=] is true, return false.
1. Return true.
</section>

<section algorithm>
<h3 id="count-router-inner-conditions"><dfn>Count Router Inner Conditions</dfn></h3>

: Input
:: |condition|, a {{RouterCondition}}
:: |result|, a [=count router condition result=]
:: |depth|, a number
: Output
:: |result|, a [=count router condition result=]

1. Decrement |result|'s [=count router condition result/condition count=] by one.
1. If |result|'s [=count router condition result/condition count=] is zero, or |depth| is zero, then:
1. Set |result|'s [=count router condition result/quota exceeded=] to be true.
1. Return |result|.
1. If |condition|["{{RouterCondition/_or}}"] [=map/exists=], then:
1. Decrement |depth| by one.
1. For each |orCondition| of |condition|["{{RouterCondition/_or}}"]:
1. Set |result| to be the result of running [=Count Router Inner Conditions=] with |orCondition|, |result|, and |depth|.
1. If |result|'s [=count router condition result/quota exceeded=] is true, return |result|.
1. Else if |condition|["{{RouterCondition/not}}"] [=map/exists=], then:
1. Decrement |depth| by one.
1. Set |result| to be the result of running [=Count Router Inner Conditions=] with |condition|["{{RouterCondition/not}}"], |result|, and |depth|.
1. If |result|'s [=count router condition result/quota exceeded=] is true, return |result|.
1. Return |result|.
</section>

<section algorithm>
<h3 id="get-router-source-algorithm"><dfn>Get Router Source</dfn></h3>
: Input
Expand Down

0 comments on commit b05ac32

Please sign in to comment.