diff options
| author | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-11-28 14:47:41 +0100 |
|---|---|---|
| committer | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2022-11-28 14:47:41 +0100 |
| commit | 5c8886236a0f6fc2c7674f7132ec09a13b65564a (patch) | |
| tree | 9fb9e4c9ae34a475700030a3fd00b3ff87698212 | |
| parent | 9fba9d6ef01490935ab181f5ea4abd9f0d490388 (diff) | |
OAuth: Define ReadHeaderTimeout
| -rw-r--r-- | internal/oauth/oauth.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/internal/oauth/oauth.go b/internal/oauth/oauth.go index f88e7e9..6fd2c1f 100644 --- a/internal/oauth/oauth.go +++ b/internal/oauth/oauth.go @@ -187,6 +187,9 @@ func (oauth *OAuth) tokensWithCallback() error { // server /callback over the listener address oauth.session.Server = &http.Server{ Handler: mux, + // Define a default 60 second header read timeout to protect against a Slowloris Attack + // A bit overkill maybe for a local server but good to define anyways + ReadHeaderTimeout: 60 * time.Second, } mux.HandleFunc("/callback", oauth.Callback) |