Skip to content

Commit e7bd305

Browse files
authored
Add Slowloris protection (#239)
1 parent 1eb59bf commit e7bd305

2 files changed

Lines changed: 7 additions & 3 deletions

File tree

pkg/workflows/apiserver/server.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import (
66
"log"
77
"net/http"
88
"strings"
9+
"time"
910

1011
"github.com/go-chi/chi/v5"
1112
"github.com/gorilla/websocket"
@@ -67,8 +68,9 @@ func Start(handler *ServerHandler, port int) *http.Server {
6768
})
6869

6970
server := &http.Server{
70-
Addr: fmt.Sprintf("localhost:%d", port),
71-
Handler: mux,
71+
Addr: fmt.Sprintf("localhost:%d", port),
72+
Handler: mux,
73+
ReadTimeout: 5 * time.Second, // Prevent Slowloris DoS attacks
7274
}
7375

7476
go func() {

pkg/workflows/taskserver/server.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ import (
55
"log"
66
"net"
77
"net/http"
8+
"time"
89

910
"github.com/go-chi/chi/v5"
1011
)
@@ -62,7 +63,8 @@ func (h *ServerHandler) Start() *http.Server {
6263
muxHandler := HandlerFromMux(strictHandler, r)
6364

6465
server := &http.Server{
65-
Handler: muxHandler,
66+
Handler: muxHandler,
67+
ReadTimeout: 5 * time.Second, // Prevent Slowloris DoS attacks
6668
}
6769

6870
go func() {

0 commit comments

Comments
 (0)