docs(client): note hostile-peer SSE bypass on maxResponseBytes (#1757) #1760
Open
bokelley wants to merge 1 commit into
Append a hostile-peer caveat to the `TransportOptions.maxResponseBytes` TSDoc: a peer can opt out of the cap by responding with `Content-Type: text/event-stream`. Frame-incremental consumption in the MCP/A2A SDKs keeps this from being a memory bomb for well-formed transports, but adopters relying on the cap as a hostile-server defense should treat it as best-effort for non-SSE responses only. Follow-up to #1750 (the SSE-bypass fix) and #1176 (origin).
Summary
Closes #1757.
Appends a hostile-peer caveat to the `TransportOptions.maxResponseBytes` TSDoc in `src/lib/protocols/index.ts`. The existing `@remarks` block already documents the SSE pass-through as a feature (so legitimate long-lived buyer sessions aren't torn down). This adds a second `@remarks` block immediately after it, naming the corollary: a peer can opt itself out of the cap by responding with `Content-Type: text/event-stream`.

Why this matters: MCP and A2A both stream tool responses as SSE, and cumulative event-frame bytes are unbounded by spec. The MCP/A2A SDKs consume SSE incrementally and frame termination bounds memory in practice, so this is not a memory-bomb risk for well-formed transports — but adopters relying on `maxResponseBytes` as a hostile-server defense should treat it as best-effort for non-SSE responses only.

Docs-only. No behavior change. Patch changeset per CLAUDE.md changeset conventions (library TSDoc ships in the published package).

Context:
- `maxResponseBytes` by claiming `Content-Type: text/event-stream` #1757 — this issue.
- `enforceSizeLimit` should bypass `text/event-stream` responses #1176 — original `maxResponseBytes` issue.

Test plan
- `npm run format:check` clean.
- `npm run typecheck` clean.
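
A simplified model of the behaviour this PR documents, as an added example that is not part of the PR or the library's code: a byte cap that skips `text/event-stream` responses lets the peer pick the uncapped branch through its own header, and a separate cumulative SSE budget bounds that branch too. `isEventStream`, `consume`, `outcome` and `maxSseBytes` are hypothetical names; only `maxResponseBytes` comes from the page.

```typescript
// Added illustration: a simplified model, not the library's implementation.
// `consume` and `maxSseBytes` are hypothetical; only `maxResponseBytes` is from the page.
type HeaderMap = Record<string, string>;

interface CapOptions {
  maxResponseBytes: number; // cap applied to non-SSE bodies
  maxSseBytes?: number;     // hypothetical cumulative budget for SSE streams
}

// The peer sets this header, so the peer decides which limit applies.
function isEventStream(headers: HeaderMap): boolean {
  for (const name of Object.keys(headers)) {
    if (name.toLowerCase() === "content-type") {
      return headers[name].split(";")[0].trim().toLowerCase() === "text/event-stream";
    }
  }
  return false;
}

// Counts bytes chunk by chunk and throws once the applicable limit is passed.
// Returns the total consumed when no limit applies or none is exceeded.
function consume(headers: HeaderMap, chunks: Uint8Array[], opts: CapOptions): number {
  const limit = isEventStream(headers) ? opts.maxSseBytes : opts.maxResponseBytes;
  let total = 0;
  for (const chunk of chunks) {
    total += chunk.byteLength;
    if (limit !== undefined && total > limit) {
      throw new Error(`response exceeded ${limit} bytes (saw ${total})`);
    }
  }
  return total;
}

// Constructed sample: the same four 1 KiB chunks, labelled two different ways.
const sampleChunks: Uint8Array[] = [0, 1, 2, 3].map(() => new Uint8Array(1024));
const jsonHeaders: HeaderMap = { "Content-Type": "application/json" };
const sseHeaders: HeaderMap = { "content-type": "text/event-stream; charset=utf-8" };

// Runs `consume` over the sample and reports "ok:<bytes>" or "rejected".
function outcome(headers: HeaderMap, opts: CapOptions): string {
  try {
    return `ok:${consume(headers, sampleChunks, opts)}`;
  } catch {
    return "rejected";
  }
}
```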