fix(guard, runner): enforce http body size and ws msg size

[MasterPtato]

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

Fixes RVT-5967

[railway-app]

🚅 Deployed to the rivet-pr-4252 environment in rivet-frontend

Service	Status	Web	Updated (UTC)
frontend-inspector	❌ Build Failed (View Logs)	Web	Feb 21, 2026 at 1:49 am
frontend-cloud	❌ Build Failed (View Logs)	Web	Feb 21, 2026 at 1:48 am
ladle	❌ Build Failed (View Logs)	Web	Feb 21, 2026 at 1:42 am
website	❌ Build Failed (View Logs)	Web	Feb 21, 2026 at 1:41 am
mcp-hub	✅ Success (View Logs)	Web	Feb 21, 2026 at 1:41 am

[MasterPtato]

• fix: always trigger serverless ended early error #4320
• fix: remove useless config params #4319
• fix: add serverless leak fix oneoff #4318
• chore: add log for runners with no alloc idx #4316
• fix(ups): upgrade nats, fix chunking, add chunking tests #4315
• chore: fix tests #4314
• fix: various serverless bug fixes #4313
• fix(guard, runner): enforce http body size and ws msg size #4252 👈 (View in Graphite)
• fix(pegboard): add threshold parameters to runner protocol metadata #4247
• chore: get docker compose working again #4246
• fix(epoxy): make quorum sizes match paper #4234
• fix(rivetkit): stall stop handler until start completes #4192
• main

---

How to use the Graphite Merge Queue

Add the label merge-queue to this PR to add it to the merge queue.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[linear]

RVT-5967 Add HTTP body size limits to pegboard gateway tunnel

[claude]

PR Review: fix(guard, runner): enforce http body size and ws msg size

Good direction — enforcing size limits at the guard layer is the right architectural approach. A few issues to address before merging.

---

Bug: Unused import (compile warning / dead code)

In engine/packages/pegboard-runner/src/ws_to_tunnel_task.rs line 9:

use rivet_guard_core::proxy_service::MAX_BODY_SIZE;

This import is never used. The size check at line 791 uses ctx.config().pegboard().runner_http_max_response_body_size() instead of MAX_BODY_SIZE. Either remove the import or use the constant for the check (which would also address the inconsistency noted below).

---

Required documentation update

CLAUDE.md requires: "When changing actor/runtime limits or behavior that affects documented limits (for example KV, queue, SQLite, WebSocket, HTTP, or timeouts), update website/src/content/docs/actors/limits.mdx in the same change."

limits.mdx currently states 128 MiB for both Max request/response body sizes. This PR enforces a 20 MiB guard-layer limit for non-streaming HTTP bodies. The docs are now incorrect and must be updated.

---

Orphaned error artifact

engine/artifacts/errors/guard.response_body_too_large.json still exists on disk. The corresponding ResponseBodyTooLarge struct was removed from pegboard-runner/src/errors.rs, but the artifact file was not deleted.

---

Status code semantics: 413 for all invalid_request_body errors

In guard-core/src/utils.rs:

("guard", "invalid_request_body") => StatusCode::PAYLOAD_TOO_LARGE,

Limited::new(body, MAX_BODY_SIZE).collect() can fail from IO errors (client disconnect mid-stream) in addition to body-too-large errors. Both cases return 413, which is misleading for IO failures. Consider inspecting for LengthLimitError to distinguish the cases, or renaming the error to request_body_too_large to signal intent (there is an existing guard.request_body_too_large.json artifact with exactly that name for the gateway's RequestBodyTooLarge error).

---

Inconsistent limits between layers

For non-streaming responses, the runner allows up to 128 MiB (runner_http_max_response_body_size default), but guard rejects at 20 MiB when buffering. An actor returning a 50 MiB non-streaming response would pass the runner check but be rejected by guard with BAD_GATEWAY. Streaming bypasses the buffer limit, so this is architecturally sound, but the gap is non-obvious and the unused MAX_BODY_SIZE import suggests the intent may have been to unify these.

---

Expanded tunnel message check scope (undocumented)

The old code only checked ToServerResponseStart body size. The new tunnel_message_inner_data_len_mk{1,2} functions check all message types including chunks and WebSocket messages. This broader scope is likely correct but was not described in the PR description.

---

tunnel.ts: size check after full body allocation

In engine/sdks/typescript/runner/src/tunnel.ts:

const body = response.body ? await response.arrayBuffer() : null;
if (body && body.byteLength > MAX_BODY_SIZE) {
    throw new Error("Response body too large");
}

response.arrayBuffer() fully reads the entire response into memory before the size check runs. A 50 MiB response still allocates 50 MiB before being rejected. For meaningful memory protection the check needs to happen while streaming (e.g., count bytes in a TransformStream and abort above the limit).

---

Minor

• The typo fix in actor-driver.ts ("immeidatley" → "immediately") is a good catch.
• Punctuation fix on UpstreamError message (added trailing period) is good for consistency.

[graphite-app]

Add a newline at the end of the file to fix the 'No newline at end of file' linting error

Spotted by Graphite Agent (based on CI logs)



Is this helpful? React 👍 or 👎 to let us know.

[pkg-pr-new]

More templates

• actor-actions
• actor-actions-vercel
• ai-agent
• ai-agent-vercel
• example-ai-and-user-generated-actors-freestyle
• chat-room
• chat-room-vercel
• example-cloudflare-workers
• example-cloudflare-workers-hono
• collaborative-document
• collaborative-document-vercel
• cross-actor-actions
• cross-actor-actions-vercel
• example-cursors
• example-cursors-raw-websocket
• example-cursors-raw-websocket-vercel
• example-cursors-vercel
• custom-serverless
• example-elysia
• example-experimental-durable-streams-ai-agent
• example-experimental-durable-streams-ai-agent-vercel
• geo-distributed-database
• geo-distributed-database-vercel
• hello-world
• hello-world-vercel
• example-hono
• hono-react
• hono-react-vercel
• example-kitchen-sink
• example-kitchen-sink-vercel
• multi-region-vercel
• multiplayer-game
• example-multiplayer-game-patterns
• example-multiplayer-game-patterns-vercel
• multiplayer-game-vercel
• native-websockets
• native-websockets-vercel
• next-js
• per-tenant-database
• per-tenant-database-vercel
• example-raw-fetch-handler
• example-raw-fetch-handler-vercel
• example-raw-websocket-handler
• example-raw-websocket-handler-proxy
• example-raw-websocket-handler-proxy-vercel
• example-raw-websocket-handler-vercel
• example-react
• example-react-vercel
• sandbox
• sandbox-coding-agent
• sandbox-coding-agent-vercel
• sandbox-vercel
• scheduling
• scheduling-vercel
• example-sqlite-drizzle
• example-sqlite-raw
• state
• state-vercel
• example-stream
• example-stream-vercel
• example-trpc

@rivetkit/cloudflare-workers

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/cloudflare-workers@4252

@rivetkit/framework-base

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/framework-base@4252

@rivetkit/next-js

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/next-js@4252

@rivetkit/react

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/react@4252

rivetkit

pnpm add https://pkg.pr.new/rivet-dev/rivet/rivetkit@4252

@rivetkit/sql-loader

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/sql-loader@4252

@rivetkit/sqlite-vfs

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/sqlite-vfs@4252

@rivetkit/traces

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/traces@4252

@rivetkit/workflow-engine

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/workflow-engine@4252

@rivetkit/virtual-websocket

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/virtual-websocket@4252

@rivetkit/engine-runner

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/engine-runner@4252

@rivetkit/engine-runner-protocol

pnpm add https://pkg.pr.new/rivet-dev/rivet/@rivetkit/engine-runner-protocol@4252

commit: 350c871