Add support for ReadHeaderTimeout#74
Add support for ReadHeaderTimeout#74pires merged 1 commit intopires:mainfrom unmarshal:read_header_timeout
Conversation
|
I'm under the impression I'm about to learn something here but how can the coverage increase if no tests were implemented? Are the examples added here considered example tests? |
|
I was scratching my head about the test coverage too. I ended up just removing the examples and moving the https server to the README. I didn't want to restructure your project. |
|
No, no, no, please, keep the code in the |
|
Sounds good. Will do. |
|
code coverage didn't increase because of the examples. guessing it has to do with the new lines added when the deadline is set. |
pires
left a comment
pires
left a comment
There was a problem hiding this comment.
Overall LGTM but please remove the binaries (maybe you added them accidentally) and add tests that show that an error is thrown when a client doesn't write the header after a defined amount of time.
|
Whoops. Yes, that was a mistake. I will fix that and also add a test. Cheers. |
Set a read deadline when waiting for the PROXY protocol header. Fix for #65
|
Sorry about the premature squashing and force pushes. Didn't realize it messed with github's review system. |
pires
left a comment
pires
left a comment
There was a problem hiding this comment.
This is great, thank you very much!
From https://github.com/pires/go-proxyproto/releases: Prevent potentially malicious client(s) from opening connections and not send the proxy protocol header, which could lead to DoS as the server would hold those socket descriptors open indefinitely, eventually running out of resources. The solution is to set a read deadline when waiting for the PROXY protocol header: pires/go-proxyproto#74
From https://github.com/pires/go-proxyproto/releases: Prevent potentially malicious client(s) from opening connections and not send the proxy protocol header, which could lead to DoS as the server would hold those socket descriptors open indefinitely, eventually running out of resources. The solution is to set a read deadline when waiting for the PROXY protocol header: pires/go-proxyproto#74
|
@pires I strongly urge you to pick a suitable default for when no read timeout is set. Otherwise you put the onus on library users to know that they have to do this in order to be safe. |
|
Agreed. |
4 participants
Set a read deadline when waiting for the PROXY protocol header.