RpcSecurityPolicy class final
Centralized security/robustness limits for transports and parsers.
The goal is to provide consistent defaults across all built-in transports and to make resource-exhaustion and injection-style attacks harder.
This is not authentication/authorization. It is purely about input validation and resource limits.
Constructors
- RpcSecurityPolicy({int maxMessageLengthBytes = 16 * 1024 * 1024, int? maxBufferedBytes, int maxMessagesPerChunk = 1024, int maxActiveStreams = 4096, int maxWebSocketMessageBytes = 64 * 1024 * 1024, int maxChunkedMessageBytes = 64 * 1024 * 1024, int maxChunkCount = 1024, int maxMetadataBytes = 64 * 1024, int maxHeaders = 128, int maxHeaderNameBytes = 128, int maxHeaderValueBytes = 8 * 1024, int maxMethodPathLength = 1024, bool closeOnProtocolError = true})
-
Creates an RpcSecurityPolicy with the given limits.
const
-
RpcSecurityPolicy.fromMap(Map<
String, Object?> map) -
Creates an RpcSecurityPolicy from a plain map, using defaults for missing keys.
factory
Properties
- closeOnProtocolError → bool
-
If true, transports should close the connection on protocol violations.
final
- effectiveMaxBufferedBytes → int
-
Effective max buffered bytes, falling back to message size + prefix when unset.
no setter
- hashCode → int
-
The hash code for this object.
no setterinherited
- maxActiveStreams → int
-
Max number of simultaneously active streams tracked by a transport.
final
- maxBufferedBytes → int?
-
Max buffered bytes for reassembly/parsing of fragmented frames.
final
- maxChunkCount → int
-
Max number of chunks for a single chunked message.
final
- maxChunkedMessageBytes → int
-
Max total bytes allowed while assembling a chunked message.
final
- maxHeaderNameBytes → int
-
Max bytes allowed for a header name (defense against pathological input).
final
- maxHeaders → int
-
Max number of headers inside RpcMetadata.
final
- maxHeaderValueBytes → int
-
Max bytes allowed for a header value.
final
- maxMessageLengthBytes → int
-
Max payload size of a single decoded gRPC message.
final
- maxMessagesPerChunk → int
-
Max number of messages emitted from a single incoming chunk.
final
- maxMetadataBytes → int
-
Max encoded metadata payload size for transports that serialize metadata
(for example, JSON over WebSocket).
final
- maxMethodPathLength → int
-
Max length of
:path/ methodPath strings.final - maxWebSocketMessageBytes → int
-
Max size of a single WebSocket message (including custom headers).
final
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
isValidHeaderName(
String name) → bool - Header-name validation for transport-level metadata.
-
isValidHeaderValue(
String value) → bool - Header-value validation for transport-level metadata.
-
isValidMethodPath(
String? methodPath) → bool -
Returns true if
methodPathis within the allowed length and non-empty. -
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
toMap(
) → Map< String, Object> - Serializes this policy to a plain map.
-
toString(
) → String -
A string representation of this object.
inherited
-
validateMetadata(
RpcMetadata metadata) → void - Best-effort metadata validation. Throws ArgumentError on violations.
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited