dohertj2/wwtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mbproxy: remediate the 2026-05-16 code-review findings

Browse Source 
Fixes every finding from the codereviews/2026-05-16 multi-agent review
(2 Critical, 20 Major, 38 Minor) and adds that review to the repo.

Highlights: dashboard XSS escape; response cache invalidated on the
write request (not just the response); ReloadValidator now runs at
startup so port collisions / duplicate names / malformed Resilience
profiles fail fast; AdminPort 0 genuinely disables the admin endpoint;
PlcListener accept-loop faults propagate to the supervisor's faulted
path; reconciler Restart builds before removing; Resilience pipelines
are restart-only from a frozen snapshot; multiplexer connect-race leak,
watchdog party-list snapshot, backend-response and FC16 framing
validation; frontend reconnect retry and util.js load guard; plus the
log-event/doc drift sweep and test-port hygiene.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
2026-05-16 18:08:06 -04:00
parent 0308490aef
commit b222362ce0
45 changed files with 1735 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mbproxy/tests/Mbproxy.Tests/Proxy/Multiplexing/MultiplexerE2ETests.cs
+6
View File
@@ -342,6 +342,9 @@ public sealed class MultiplexerE2ETests
["Mbproxy:Connection:BackendConnectTimeoutMs"] = "3000",
// Long request timeout so the watchdog doesn't fire during the test's wait window.
["Mbproxy:Connection:BackendRequestTimeoutMs"] = "30000",
// This test exercises backend disconnect, not keepalive — disable keepalive so
// the 30 s request timeout above doesn't trip the heartbeat cross-field rule.
["Mbproxy:Connection:Keepalive:Enabled"] = "false",
// Aggressive backend retry so the second connect happens fast.
["Mbproxy:Resilience:BackendConnect:MaxAttempts"] = "5",
["Mbproxy:Resilience:BackendConnect:BackoffMs:0"] = "50",
@@ -458,8 +461,11 @@ public sealed class MultiplexerE2ETests
var config = MakeBaseConfig(proxyPort);
config["Mbproxy:AdminPort"] = adminPort.ToString();
// Short idle window so the heartbeat fires several times within the test budget.
// BackendRequestTimeoutMs is lowered below the 700 ms idle window so the
// heartbeat cross-field rule (idle > request timeout) holds.
config["Mbproxy:Connection:Keepalive:Enabled"] = "true";
config["Mbproxy:Connection:Keepalive:BackendHeartbeatIdleMs"] = "700";
config["Mbproxy:Connection:BackendRequestTimeoutMs"] = "500";
var host = BuildBcdHost(config);
using var startCts = new CancellationTokenSource(TimeSpan.FromSeconds(3));