Open
Description
I received a security scan from the open web which hit the pytrickle stream server HTTP endpoint. Middleware should be added to the server to filter invalid requests, handle HTTP errors gracefully and provide basic rate limiting:
```
2025-10-01 16:26:09 [INFO] [aiohttp.access] [web_log.py:214] 162.142.125.44 [01/Oct/2025:16:26:09 +0000] "UNKNOWN / HTTP/1.0" 400 197 "-" "-"
2025-10-01 16:27:17 [ERROR] [aiohttp.server] [web_protocol.py:481] Error handling request from 162.142.125.44
Traceback (most recent call last):
  File "/workspace/miniconda3/envs/comfystream/lib/python3.12/site-packages/aiohttp/web_protocol.py", line 408, in data_received
    messages, upgraded, tail = self._request_parser.feed_data(data)
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "aiohttp/_http_parser.pyx", line 558, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadHttpMessage: 400, message:
  Pause on PRI/Upgrade:
    b''
      ^
2025-10-01 16:27:17 [INFO] [aiohttp.access] [web_log.py:214] 162.142.125.44 [01/Oct/2025:16:27:17 +0000] "UNKNOWN / HTTP/1.0" 400 197 "-" "-"
2025-10-01 16:27:19 [INFO] [aiohttp.access] [web_log.py:214] 162.142.125.44 [01/Oct/2025:16:27:19 +0000] "GET /login HTTP/1.1" 404 175 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
```
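A sketch of the filtering and rate-limiting check the issue asks for, added here as an example and not taken from pytrickle: a framework-independent gate that an aiohttp middleware could consult before dispatching a request. The names `RequestGate`, `ALLOWED_METHODS`, `check` and `sweep`, the allowed-method set and the default limits are all assumptions, and the client addresses in `demo()` are constructed.

```python
import time
from collections import defaultdict, deque

# Assumption: the stream server only needs these methods; adjust to its real routes.
ALLOWED_METHODS = frozenset({"GET", "POST", "OPTIONS"})


class RequestGate:
    """Per-client sliding-window rate limiter combined with a method allowlist."""

    def __init__(self, limit=20, window=10.0, clock=time.monotonic):
        self.limit = limit          # max requests per client inside one window
        self.window = window        # window length in seconds
        self.clock = clock          # injectable so the behaviour can be tested
        self._hits = defaultdict(deque)

    def check(self, client_ip, method):
        """Return None to let the request through, else the HTTP status to answer with."""
        now = self.clock()
        hits = self._hits[client_ip]
        while hits and now - hits[0] >= self.window:
            hits.popleft()          # forget requests that left the window
        if len(hits) >= self.limit:
            return 429              # too many requests; do not record this one
        hits.append(now)            # rejected probes below still count toward the limit
        if method.upper() not in ALLOWED_METHODS:
            return 405
        return None

    def sweep(self):
        """Drop idle clients so a scan from many addresses cannot grow memory forever."""
        now = self.clock()
        idle = [ip for ip, h in self._hits.items()
                if not h or now - h[-1] >= self.window]
        for ip in idle:
            del self._hits[ip]
        return len(self._hits)


def demo():
    """Replay a constructed burst shaped like the scan above (documentation-range IP)."""
    t = [0.0]
    gate = RequestGate(limit=3, window=10.0, clock=lambda: t[0])
    burst = ["UNKNOWN", "UNKNOWN", "GET", "GET"]
    return [gate.check("203.0.113.7", m) for m in burst]


if __name__ == "__main__":
    print(demo())
```

In a middleware, a non-`None` result would be turned into a short plain-text response with that status instead of calling the handler, and `sweep()` would run from a periodic background task.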