Fix G112: Potential Slowloris Attacks lint errs (#13702)

knative · Feb 16, 2023 · 53e91c9 · 53e91c9
1 parent a99a936
commit 53e91c9
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 11 deletions.
diff --git a/cmd/default-domain/main.go b/cmd/default-domain/main.go
@@ -192,7 +192,6 @@ func main() {
 	h := netprobe.NewHandler(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
 		w.WriteHeader(http.StatusOK)
 	}))
-	//nolinlt:gosec https://github.com/knative/serving/issues/13439
 	server := http.Server{Addr: ":8080", Handler: h, ReadHeaderTimeout: time.Minute}
 	go server.ListenAndServe()
 

diff --git a/pkg/autoscaler/statserver/server.go b/pkg/autoscaler/statserver/server.go
@@ -66,11 +66,11 @@ func New(statsServerAddr string, statsCh chan<- metrics.StatMessage, logger *zap
 	mux := http.NewServeMux()
 	mux.HandleFunc("/", svr.Handler)
 
-	//nolint:gosec // https://github.com/knative/serving/issues/13439
 	svr.wsSrv = http.Server{
-		Addr:      statsServerAddr,
-		Handler:   mux,
-		ConnState: svr.onConnStateChange,
+		Addr:              statsServerAddr,
+		Handler:           mux,
+		ConnState:         svr.onConnStateChange,
+		ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6
 	}
 	return &svr
 }

diff --git a/pkg/queue/sharedmain/main.go b/pkg/queue/sharedmain/main.go
@@ -490,21 +490,21 @@ func buildAdminServer(ctx context.Context, logger *zap.SugaredLogger, drainer *p
 		w.WriteHeader(http.StatusOK)
 	})
 
-	//nolint:gosec // https://github.com/knative/serving/issues/13439
 	return &http.Server{
-		Addr:    ":" + strconv.Itoa(networking.QueueAdminPort),
-		Handler: adminMux,
+		Addr:              ":" + strconv.Itoa(networking.QueueAdminPort),
+		Handler:           adminMux,
+		ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6
 	}
 }
 
 func buildMetricsServer(protobufStatReporter *queue.ProtobufStatsReporter) *http.Server {
 	metricsMux := http.NewServeMux()
 	metricsMux.Handle("/metrics", queue.NewStatsHandler(protobufStatReporter))
 
-	//nolint:gosec // https://github.com/knative/serving/issues/13439
 	return &http.Server{
-		Addr:    ":" + strconv.Itoa(networking.AutoscalingQueueMetricsPort),
-		Handler: metricsMux,
+		Addr:              ":" + strconv.Itoa(networking.AutoscalingQueueMetricsPort),
+		Handler:           metricsMux,
+		ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6
 	}
 }