linting: G112: Potential Slowloris Attack

Picking 2 seconds, although that's just a randomly picked timeout;
given that this is only for testing, it's not too important.

    e2e/plugin/basic/basic.go:25:12: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
        server := http.Server{
            Addr:    l.Addr().String(),
            Handler: http.NewServeMux(),
        }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 98654202c2)
Signed-off-by: Cory Snider <csnider@mirantis.com>
This commit is contained in:
Sebastiaan van Stijn 2022-09-03 17:49:54 +02:00 committed by Cory Snider
parent d3a4ff827f
commit b8dd4ca57b
1 changed files with 4 additions and 2 deletions

View File

@ -6,6 +6,7 @@ import (
"net/http" "net/http"
"os" "os"
"path/filepath" "path/filepath"
"time"
) )
func main() { func main() {
@ -25,6 +26,7 @@ func main() {
server := http.Server{ server := http.Server{
Addr: l.Addr().String(), Addr: l.Addr().String(),
Handler: http.NewServeMux(), Handler: http.NewServeMux(),
ReadHeaderTimeout: 2 * time.Second, // G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server
} }
mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) { mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1.1+json") w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1.1+json")