adelorenzo/talk2me
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aec2d3b0aa
talk2me/README.md
Adolfo Delorenzo aec2d3b0aa Add request size limits - Prevents memory exhaustion from large uploads 
This comprehensive request size limiting system prevents memory exhaustion and DoS attacks from oversized requests.

Key features:
- Global request size limit: 50MB (configurable)
- Type-specific limits: 25MB for audio, 1MB for JSON, 10MB for images
- Multi-layer validation before loading data into memory
- File type detection based on extensions
- Endpoint-specific limit enforcement
- Dynamic configuration via admin API
- Clear error messages with size information

Implementation details:
- RequestSizeLimiter middleware with Flask integration
- Pre-request validation using Content-Length header
- File size checking for multipart uploads
- JSON payload size validation
- Custom decorator for route-specific limits
- StreamSizeLimiter for chunked transfers
- Integration with Flask's MAX_CONTENT_LENGTH

Admin features:
- GET /admin/size-limits - View current limits
- POST /admin/size-limits - Update limits dynamically
- Human-readable size formatting in responses
- Size limit info in health check endpoints

Security benefits:
- Prevents memory exhaustion attacks
- Blocks oversized uploads before processing
- Protects against buffer overflow attempts
- Works with rate limiting for comprehensive protection

This addresses the critical security issue of unbounded request sizes that could lead to memory exhaustion or system crashes.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-03 00:58:14 -06:00

3.9 KiB
Raw Blame History

Voice Language Translator

A mobile-friendly web application that translates spoken language between multiple languages using:

  • Gemma 3 open-source LLM via Ollama for translation
  • OpenAI Whisper for speech-to-text
  • OpenAI Edge TTS for text-to-speech

Supported Languages

  • Arabic
  • Armenian
  • Azerbaijani
  • English
  • French
  • Georgian
  • Kazakh
  • Mandarin
  • Farsi
  • Portuguese
  • Russian
  • Spanish
  • Turkish
  • Uzbek

Setup Instructions

  1. Install the required Python packages:

    pip install -r requirements.txt

  2. Configure secrets and environment:

    # Initialize secure secrets management
python manage_secrets.py init

# Set required secrets
python manage_secrets.py set TTS_API_KEY

# Or use traditional .env file
cp .env.example .env
nano .env

    ⚠️ Security Note: Talk2Me includes encrypted secrets management. See SECURITY.md and SECRETS_MANAGEMENT.md for details.

  3. Make sure you have Ollama installed and the Gemma 3 model loaded:

    ollama pull gemma3

  4. Ensure your OpenAI Edge TTS server is running on port 5050.

  5. Run the application:

    python app.py

  6. Open your browser and navigate to:

    http://localhost:8000

Usage

  1. Select your source language from the dropdown menu
  2. Press the microphone button and speak
  3. Press the button again to stop recording
  4. Wait for the transcription to complete
  5. Select your target language
  6. Press the "Translate" button
  7. Use the play buttons to hear the original or translated text

Technical Details

  • The app uses Flask for the web server
  • Audio is processed client-side using the MediaRecorder API
  • Whisper for speech recognition with language hints
  • Ollama provides access to the Gemma 3 model for translation
  • OpenAI Edge TTS delivers natural-sounding speech output

CORS Configuration

The application supports Cross-Origin Resource Sharing (CORS) for secure cross-origin usage. See CORS_CONFIG.md for detailed configuration instructions.

Quick setup:

# Development (allow all origins)
export CORS_ORIGINS="*"

# Production (restrict to specific domains)
export CORS_ORIGINS="https://yourdomain.com,https://app.yourdomain.com"
export ADMIN_CORS_ORIGINS="https://admin.yourdomain.com"

Connection Retry & Offline Support

Talk2Me handles network interruptions gracefully with automatic retry logic:

  • Automatic request queuing during connection loss
  • Exponential backoff retry with configurable parameters
  • Visual connection status indicators
  • Priority-based request processing

See CONNECTION_RETRY.md for detailed documentation.

Rate Limiting

Comprehensive rate limiting protects against DoS attacks and resource exhaustion:

  • Token bucket algorithm with sliding window
  • Per-endpoint configurable limits
  • Automatic IP blocking for abusive clients
  • Global request limits and concurrent request throttling
  • Request size validation

See RATE_LIMITING.md for detailed documentation.

Session Management

Advanced session management prevents resource leaks from abandoned sessions:

  • Automatic tracking of all session resources (audio files, temp files)
  • Per-session resource limits (100 files, 100MB)
  • Automatic cleanup of idle sessions (15 minutes) and expired sessions (1 hour)
  • Real-time monitoring and metrics
  • Manual cleanup capabilities for administrators

See SESSION_MANAGEMENT.md for detailed documentation.

Request Size Limits

Comprehensive request size limiting prevents memory exhaustion:

  • Global limit: 50MB for any request
  • Audio files: 25MB maximum
  • JSON payloads: 1MB maximum
  • File type detection and enforcement
  • Dynamic configuration via admin API

See REQUEST_SIZE_LIMITS.md for detailed documentation.

Mobile Support

The interface is fully responsive and designed to work well on mobile devices.