happyDomain/happyDomain
happyDomain
/
happyDomain
1
0
Fork 0
Code Issues 1 Pull Requests 4 Releases Activity

Fix potential Slowloris Attack because ReadHeaderTimeout was not configured (CWE-400)

This commit is contained in:
nemunaire 2023-11-22 10:03:43 +01:00
parent c58c18f0b6
commit a72a889442
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
internal/app/admin.go
View File

@ -73,8 +73,9 @@ func NewAdmin(cfg *config.Options) Admin {
func (app *Admin) Start() {
app.srv = &http.Server{
Addr: app.cfg.AdminBind,
Handler: app.router,
Addr: app.cfg.AdminBind,
Handler: app.router,
ReadHeaderTimeout: 15 * time.Second,
}
log.Printf("Admin interface listening on %s\n", app.cfg.AdminBind)

5
internal/app/app.go
View File

@ -72,8 +72,9 @@ func NewApp(cfg *config.Options) App {
func (app *App) Start() {
app.srv = &http.Server{
Addr: app.cfg.Bind,
Handler: app.router,
Addr: app.cfg.Bind,
Handler: app.router,
ReadHeaderTimeout: 15 * time.Second,
}
log.Printf("Public interface listening on %s\n", app.cfg.Bind)