Inconsistency in request_timeout config option

Question

Inconsistency in request_timeout config option

chkp-sharony opened this issue 10 months ago · 2 comments

Environment information

MWDB version (from /about): 2.10.3 (also appears in 2.10.2)
Installation method:
- mwdb.cert.pl service
- From PyPi (pip install mwdb-core)
- From docker-compose
- Other (please explain)
Plugins installed: None

Behaviour the bug (what happened?)

In mwdb.ini a user may define a request_timeout value. A default timeout value is also set in commons/api to 8000.

However, it seems like the user defined value isn't used, at least in quick query. So for example, if we pick this snippet from QuickQueries:

...
const api = useContext(APIContext);
...
const updateQueries = async () => {
    try {
        let response = await api.getQuickQueries(props.type);
        setQueries(response.data);
    } catch (error) {
        console.log(error);
    }
};

And then log the default timeout of axios in getQuickQueries and also add a sleep of >8s on the server side, we get:

While it seems like the request timeout is 8 seconds, if I go to /api/server I see:

{
    "is_authenticated": false,
    "instance_name": "mwdb",
    "server_version": "2.10.3",
    "is_maintenance_set": false,
    "is_3rd_party_sharing_consent_enabled": false,
    "file_upload_timeout": 60000,
    "is_registration_enabled": true,
    "is_karton_enabled": false,
    "recaptcha_site_key": "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI",
    "is_oidc_enabled": false,
    "request_timeout": 20000,
    "statement_timeout": 15000
}

Edit: it seems like this issue is more complex. If I log the timeout before calling axios ingetObjectTags, and what I do is: (1) refresh main page of MWDB, (2) go to a sample, (3) add a tag to it and (4) go back to main page I get:

It makes me believe that calling getTags somehow sets the correct request_timeout, possibly because the TagBox component or one of its parents uses config context and makes the value correct.

Expected behaviour

The request_timeout option should be universally overridden when user supplies a value across all requests.

Answer 1 · 2024-01-15T12:48:14.000Z

Uh good catch. I will try to look into it soon.

Answer 2 · 2024-02-01T12:50:04.000Z

Ok, so I guess it's race condition between getQuickQueries and applying configuration from /server endpoint.

Hardcoded default timeout is 8000ms: https://github.com/CERT-Polska/mwdb-core/blob/master/mwdb/web/src/commons/api/index.tsx#L119

But it is changed by effect in server configuration provider: https://github.com/CERT-Polska/mwdb-core/blob/master/mwdb/web/src/commons/config/provider.tsx#L125

And it seems that it's applied too late.