Malicious clients and proxies can provide potentially malicious strings in the polls. This validates the NAT type and proxy type strings to ensure that malformed strings are not displayed on a web page or passed to any of our monitoring infrastructure.
For now this only parses NAT and proxy type strings. The client and offer and proxy answer are at the moment no validated. I'm not opposed to validating these, but depending on how thoroughly we want to do it, it could require importing a lot of dependencies.
I also made a decision to return an error if the NAT type is not one of the three known values, but not if the proxy type is unknown. This is because we encourage people who are embedding proxies or writing their own proxy code to set their own proxy type: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext#reuse-as-a-library
There's no logging yet, maybe that's useful? Especially for unknown proxy types? It would be easy to add, but I was worried about it being too noisy.
Closes #40089 (closed)