diff options
| author | Robert Kowalski <robert.kowalski@new-work.se> | 2022-07-25 14:12:48 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-25 14:12:48 +0200 |
| commit | 1a71c52ef33f085f108c078e49f501180fcc9cc6 (patch) | |
| tree | 6afa8cd02db76b35b6ce1cc85671b3d7e22eaebc /pkg/artifacts | |
| parent | fix: the number in the github event is of type number (#1252) (diff) | |
| download | forgejo-act-1a71c52ef33f085f108c078e49f501180fcc9cc6.tar.xz forgejo-act-1a71c52ef33f085f108c078e49f501180fcc9cc6.zip | |
lint: add ReadHeaderTimeout (#1277)
currently build fail with:
```
run golangci-lint
Running [/home/runner/golangci-lint-1.47.0-linux-amd64/golangci-lint run --out-format=github-actions] in [] ...
Error: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
```
for example in this PR:
https://github.com/nektos/act/runs/7405009660?check_suite_focus=true
this sets the required ReadHeaderTimeout
Diffstat (limited to 'pkg/artifacts')
| -rw-r--r-- | pkg/artifacts/server.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pkg/artifacts/server.go b/pkg/artifacts/server.go index a470fb4..06a7706 100644 --- a/pkg/artifacts/server.go +++ b/pkg/artifacts/server.go @@ -12,6 +12,7 @@ import ( "path" "path/filepath" "strings" + "time" "github.com/julienschmidt/httprouter" "github.com/nektos/act/pkg/common" @@ -277,7 +278,11 @@ func Serve(ctx context.Context, artifactPath string, port string) context.Cancel downloads(router, fs) ip := common.GetOutboundIP().String() - server := &http.Server{Addr: fmt.Sprintf("%s:%s", ip, port), Handler: router} + server := &http.Server{ + Addr: fmt.Sprintf("%s:%s", ip, port), + ReadHeaderTimeout: 2 * time.Second, + Handler: router, + } // run server go func() { |