fix: add timeouts to prevent denial of service

Add 30-second timeout to nix flake metadata command to prevent hanging on slow or unresponsive remotes. Add HTTP server timeouts (read, write, idle) to protect against slowloris-style attacks. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-06 22:58:05 +01:00
parent f637da487c
commit 858e047bff
2 changed files with 10 additions and 3 deletions
--- a/main.go
+++ b/main.go
@@ -47,8 +47,11 @@ func main() {
 	})

 	server := &http.Server{
-		Addr:    cfg.ListenAddr,
-		Handler: mux,
+		Addr:         cfg.ListenAddr,
+		Handler:      mux,
+		ReadTimeout:  10 * time.Second,
+		WriteTimeout: 10 * time.Second,
+		IdleTimeout:  60 * time.Second,
 	}

 	// Handle shutdown gracefully