[YUNIKORN-2182] Set ReadHeaderTimeout in http server - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: core - common, webapp
Labels:
- newbie

Target Version:

1.6.0

Description

Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)

We do not set ReadTimeout or ReadHeaderTimeout so we do not have a timeout at all at the moment.

BTW: this is not important for the webtest servers we build as they are just for our tests.

Attachments

Activity

People

Assignee:: Chen, Kai-Chun

Reporter:: Wilfred Spiegelenburg

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 23/Nov/23 00:39

Updated:: 20/Feb/24 13:07