Add MCP health check and profile lookup helpers#19
Open
anhtahaylove wants to merge 2 commits into
Open
Conversation
chovizzz
added a commit
to chovizzz/ShardBrowser
that referenced
this pull request
Jul 9, 2026
…roxyShard#19) Snapshot download previously read the whole blob (up to 512 MiB) into a Vec<u8> before returning, with no concurrency cap — a burst of lock holders pulling at once could exhaust server memory/bandwidth. Server (server/src/routes/locks.rs, blob.rs, state.rs, main.rs): - Stream the blob straight from disk via tokio_util ReaderStream + axum Body::from_stream instead of buffering it. - New download_slots semaphore (8) mirrors upload_slots: acquire a permit AFTER the ACL + lock-token + row-existence checks (so an unauthorized/non-holder request can't consume a slot), then move it into a GuardedReader that owns it for the whole streamed transfer — released when the stream drains or the client disconnects. 429 + Retry-After when saturated. - Defense-in-depth: verify the on-disk blob length matches the recorded snap.size before streaming, so corruption/tampering fails loudly rather than serving a body that contradicts Content-Length. - Advertise Content-Length from snap.size. Launcher (src-tauri/src/sync.rs): - download() retries a 429 up to 5 attempts, honoring a clamped (1..=10s) Retry-After, before surfacing an error — so a transient download-slot saturation degrades to a short wait instead of aborting the launch. The LeaseGuard keeps renewing across the wait. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
health_checkfor ShardX Launcher API reachability/auth checksfind_profile_by_nameto locate profiles by id/name without returning full fingerprint configensure_profile_startedto idempotently resolve/start a profile and return its CDP endpointsafe_open_urlto resolve/start a profile, open anhttp(s)URL, and return title/url for MCP smoke checksSHARDX_API/SHARDX_TOKENfrom Windows user environment when stdio clients strip custom env varsWhy
These helpers make MCP clients safer to bootstrap and automate against ShardX Launcher:
SHARDX_TOKENis valid before mutating callsThis PR intentionally does not change browser engine behavior, fingerprint behavior, profile isolation, or the launcher API contract.
Test
node --check mcp/index.jshealth_checkauthenticated with token from Windows user env fallbackfind_profile_by_namefoundVN Automation 001 - No Proxyensure_profile_startedreturned an existing CDP endpointsafe_open_urlopenedhttps://example.com/and returnedExample Domainsafe_open_urlrejectedfile://...withsafe_open_url only supports http(s) URLs