feat(SimpleWebTransport): adding option to configure handshakeMaxSize

Assets/Mirror/Runtime/Transport/SimpleWebTransport/Common/ReceiveLoop.cs

@@ -114,7 +114,6 @@ static void ReadOneMessage(Config config, byte[] buffer)
                 offset = ReadHelper.Read(stream, buffer, offset, Constants.ShortLength);
             }
 
-
             MessageProcessor.ValidateHeader(buffer, maxMessageSize, expectMask);
 
             if (expectMask)

Assets/Mirror/Runtime/Transport/SimpleWebTransport/Server/ServerHandshake.cs

@@ -17,14 +17,15 @@ internal class ServerHandshake
         const int MergedKeyLength = 60;
         const string KeyHeaderString = "Sec-WebSocket-Key: ";
         // this isnt an offical max, just a reasonable size for a websocket handshake
-        const int maxHttpHeaderSize = 3000;
+        readonly int maxHttpHeaderSize = 3000;
 
         readonly SHA1 sha1 = SHA1.Create();
         readonly BufferPool bufferPool;
 
-        public ServerHandshake(BufferPool bufferPool)
+        public ServerHandshake(BufferPool bufferPool, int handshakeMaxSize)
         {
             this.bufferPool = bufferPool;
+            this.maxHttpHeaderSize = handshakeMaxSize;
         }
 
         ~ServerHandshake()

Assets/Mirror/Runtime/Transport/SimpleWebTransport/Server/SimpleWebServer.cs

@@ -11,12 +11,14 @@ public class SimpleWebServer
         readonly WebSocketServer server;
         readonly BufferPool bufferPool;
 
-        public SimpleWebServer(int maxMessagesPerTick, TcpConfig tcpConfig, int maxMessageSize, SslConfig sslConfig)
+        public SimpleWebServer(int maxMessagesPerTick, TcpConfig tcpConfig, int maxMessageSize, int handshakeMaxSize, SslConfig sslConfig)
         {
             this.maxMessagesPerTick = maxMessagesPerTick;
-            bufferPool = new BufferPool(5, 20, maxMessageSize);
+            // use max because bufferpool is used for both messages and handshake
+            int max = Math.Max(maxMessageSize, handshakeMaxSize);
+            bufferPool = new BufferPool(5, 20, max);
 
-            server = new WebSocketServer(tcpConfig, maxMessageSize, sslConfig, bufferPool);
+            server = new WebSocketServer(tcpConfig, maxMessageSize, handshakeMaxSize, sslConfig, bufferPool);
         }
 
         public bool Active { get; private set; }

Assets/Mirror/Runtime/Transport/SimpleWebTransport/Server/WebSocketServer.cs

@@ -24,13 +24,13 @@ public class WebSocketServer
 
         int _idCounter = 0;
 
-        public WebSocketServer(TcpConfig tcpConfig, int maxMessageSize, SslConfig sslConfig, BufferPool bufferPool)
+        public WebSocketServer(TcpConfig tcpConfig, int maxMessageSize, int handshakeMaxSize, SslConfig sslConfig, BufferPool bufferPool)
         {
             this.tcpConfig = tcpConfig;
             this.maxMessageSize = maxMessageSize;
             sslHelper = new ServerSslHelper(sslConfig);
             this.bufferPool = bufferPool;
-            handShake = new ServerHandshake(this.bufferPool);
+            handShake = new ServerHandshake(this.bufferPool, handshakeMaxSize);
         }
 
         public void Listen(int port)

Assets/Mirror/Runtime/Transport/SimpleWebTransport/SimpleWebTransport.cs

@@ -18,6 +18,9 @@ public class SimpleWebTransport : Transport
         [Tooltip("Protect against allocation attacks by keeping the max message size small. Otherwise an attacker might send multiple fake packets with 2GB headers, causing the server to run out of memory after allocating multiple large packets.")]
         public int maxMessageSize = 16 * 1024;
 
+        [Tooltip("Max size for http header send as handshake for websockets")]
+        public int handshakeMaxSize = 3000;
+
         [Tooltip("disables nagle algorithm. lowers CPU% and latency but increases bandwidth")]
         public bool noDelay = true;
 
@@ -37,7 +40,7 @@ public class SimpleWebTransport : Transport
         public bool sslEnabled;
         [Tooltip("Path to json file that contains path to cert and its password\n\nUse Json file so that cert password is not included in client builds\n\nSee cert.example.Json")]
         public string sslCertJson = "./cert.json";
-        public SslProtocols sslProtocols = SslProtocols.Ssl3 | SslProtocols.Tls12;
+        public SslProtocols sslProtocols = SslProtocols.Tls12;
 
         [Header("Debug")]
         [Tooltip("Log functions uses ConditionalAttribute which will effect which log methods are allowed. DEBUG allows warn/error, SIMPLEWEB_LOG_ENABLED allows all")]
@@ -227,7 +230,7 @@ public override void ServerStart()
             }
 
             SslConfig config = SslConfigLoader.Load(this);
-            server = new SimpleWebServer(serverMaxMessagesPerTick, TcpConfig, maxMessageSize, config);
+            server = new SimpleWebServer(serverMaxMessagesPerTick, TcpConfig, maxMessageSize, handshakeMaxSize, config);
 
             server.onConnect += OnServerConnected.Invoke;
             server.onDisconnect += OnServerDisconnected.Invoke;