Add WebSocket message body size limit to prevent memory exhaustion via large payloads

[RUKAYAT-CODER]

Overview

src/collaboration/collaboration.gateway.ts accepts WebSocket messages from clients with no size validation. A malicious client can send megabyte-scale operation payloads, exhausting server-side memory during JSON parsing or OT transformation.

Specifications

Features:

• Reject WebSocket messages exceeding a configurable size limit (default 64KB for collaboration operations).

Tasks:

• In each @SubscribeMessage handler, measure JSON.stringify(payload).length and throw WsException if over the limit.
• Read the limit from ConfigService (WS_MAX_PAYLOAD_BYTES).
• Alternatively, configure maxHttpBufferSize on the Socket.IO server in main.ts.
• Add unit tests that emit oversized payloads and verify rejection.

Impacted Files:

• src/collaboration/collaboration.gateway.ts
• src/main.ts

Acceptance Criteria

• Messages exceeding the limit result in a WsException with code PAYLOAD_TOO_LARGE.
• Legitimate messages under the limit are processed normally.
• Limit is configurable without code changes.

[Thoni76]

@Thoni76 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Good day maintainer, please i would love to fix this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Thoni76 to this issue.

[sublime247]

@sublime247 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I would like to resolve this issues

ℹ️ Repo Maintainers: To accept this application, review their application or assign @sublime247 to this issue.

[Divineifed1]

@Divineifed1 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

kindly let me tackle this task Adding WebSocket message body size limit to prevent memory exhaustion via large payloads

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Divineifed1 to this issue.

[drips-wave]

Congratulations, @sublime247! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @sublime247: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊