mirror/prysm-pulse
1
0
Fork 0
mirror of https://gitlab.com/pulsechaincom/prysm-pulse.git synced 2025-01-03 00:27:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix gosec scan: G112 (CWE-400) Potential Slowloris Attack (#10872)

Browse Source
This commit is contained in:
terencechain 2022-06-13 15:29:26 -07:00 committed by GitHub
parent 80f4f22401
commit 4c4fb9f2c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
api/gateway/gateway.go
View File

@ -121,8 +121,9 @@ func (g *Gateway) Start() {
} }
g.server = &http.Server{ g.server = &http.Server{
Addr: g.cfg.gatewayAddr, Addr: g.cfg.gatewayAddr,
Handler: corsMux, Handler: corsMux,
ReadHeaderTimeout: time.Second,
} }
go func() { go func() {

2
monitoring/prometheus/service.go
View File

@ -52,7 +52,7 @@ func NewService(addr string, svcRegistry *runtime.ServiceRegistry, additionalHan
mux.HandleFunc(h.Path, h.Handler) mux.HandleFunc(h.Path, h.Handler)
} }
s.server = &http.Server{Addr: addr, Handler: mux} s.server = &http.Server{Addr: addr, Handler: mux, ReadHeaderTimeout: time.Second}
return s return s
} }

3
monitoring/prometheus/simple_server.go
View File

@ -2,6 +2,7 @@ package prometheus
import ( import (
"net/http" "net/http"
"time"
"github.com/prometheus/client_golang/prometheus/promhttp" "github.com/prometheus/client_golang/prometheus/promhttp"
) )
@ -12,6 +13,6 @@ func RunSimpleServerOrDie(addr string) {
mux := http.NewServeMux() mux := http.NewServeMux()
mux.Handle("/metrics", promhttp.Handler()) mux.Handle("/metrics", promhttp.Handler())
svr := &http.Server{Addr: addr, Handler: mux} svr := &http.Server{Addr: addr, Handler: mux, ReadHeaderTimeout: time.Second}
log.Fatal(svr.ListenAndServe()) log.Fatal(svr.ListenAndServe())
} }

5
testing/endtoend/components/tracing_sink.go
View File

@ -78,8 +78,9 @@ func (ts *TracingSink) Stop() error {
func (ts *TracingSink) initializeSink(ctx context.Context) { func (ts *TracingSink) initializeSink(ctx context.Context) {
mux := &http.ServeMux{} mux := &http.ServeMux{}
ts.server = &http.Server{ ts.server = &http.Server{
Addr: ts.endpoint, Addr: ts.endpoint,
Handler: mux, Handler: mux,
ReadHeaderTimeout: time.Second,
} }
defer func() { defer func() {
if err := ts.server.Close(); err != nil { if err := ts.server.Close(); err != nil {

6
testing/middleware/engine-api-proxy/proxy.go
View File

@ -14,6 +14,7 @@ import (
"net/http" "net/http"
"strings" "strings"
"sync" "sync"
"time"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/prysmaticlabs/prysm/network" "github.com/prysmaticlabs/prysm/network"
@ -72,8 +73,9 @@ func New(opts ...Option) (*Proxy, error) {
mux.Handle("/", p) mux.Handle("/", p)
addr := fmt.Sprintf("%s:%d", p.cfg.proxyHost, p.cfg.proxyPort) addr := fmt.Sprintf("%s:%d", p.cfg.proxyHost, p.cfg.proxyPort)
srv := &http.Server{ srv := &http.Server{
Handler: mux, Handler: mux,
Addr: addr, Addr: addr,
ReadHeaderTimeout: time.Second,
} }
p.address = addr p.address = addr
p.srv = srv p.srv = srv