[Bug]: Availability: JSON DoS Vulnerability:An attacker sends a very large JSON message (like 100MB) to the server.



### Why issue:
**An attacker sends a very large JSON message (like 100MB) to the server.
The server tries to parse it immediately on the main thread, which takes a long time and blocks everything else.
During that time, no other users can use the system, causing a Denial of Service.**



**Issue**: JSON.parse(raw) is called on the main thread without checking payload size.

**Fix**: Check data.length before parsing and reject messages larger than a specific limit (e.g., 10KB).

**Why**?: An attacker can send a massive JSON string (e.g., 100MB), causing the single-threaded server to freeze while parsing it (Denial of Service).

### Steps to Reproduce

N/A

### Expected Behavior

n/A

### Desktop Operating System

Windows 10

### Mobile Device (Client)

N/A

### Rein Version

1

### Console Logs / Error Messages

```shell
N/A
```

### Screenshots / Recordings

N/A

### Checklist

- [x] I have searched for existing issues to avoid duplicates

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Bug]: Availability: JSON DoS Vulnerability:An attacker sends a very large JSON message (like 100MB) to the server. #88

Why issue:

Steps to Reproduce

Expected Behavior

Desktop Operating System

Mobile Device (Client)

Rein Version

Console Logs / Error Messages

Screenshots / Recordings

Checklist

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[Bug]: Availability: JSON DoS Vulnerability:An attacker sends a very large JSON message (like 100MB) to the server. #88

Description

Why issue:

Steps to Reproduce

Expected Behavior

Desktop Operating System

Mobile Device (Client)

Rein Version

Console Logs / Error Messages

Screenshots / Recordings

Checklist

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions