jiangcuo/node - node - Gitea: Git with a cup of tea

jiangcuo/node

Fork 0

mirror of https://github.com/nodejs/node.git synced 2025-05-04 06:27:35 +00:00

Commit Graph

Author	SHA1	Message	Date
Tim Costa	e17403ede3	http,https: increase server headers timeout Fixes: https://github.com/nodejs/node/issues/24980 Refs: https://github.com/nodejs/node/commit/eb43bc04b1 PR-URL: https://github.com/nodejs/node/pull/30071 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Rich Trott <rtrott@gmail.com>	2019-12-14 08:59:19 -05:00
Ruben Bridgewater	50dd555910	doc,lib,test: capitalize comment sentences This activates the eslint capitalize comment rule for comments above 50 characters. PR-URL: https://github.com/nodejs/node/pull/24996 Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>	2018-12-17 17:14:35 +01:00
Matteo Collina	ee618a7ab2	http,https: protect against slow headers attack CVE-2018-12122 An attacker can send a char/s within headers and exahust the resources (file descriptors) of a system even with a tight max header length protection. This PR destroys a socket if it has not received the headers in 40s. PR-URL: https://github.com/nodejs-private/node-private/pull/144 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>	2018-11-28 11:36:34 +11:00

Author

SHA1

Message

Date

Tim Costa

e17403ede3

http,https: increase server headers timeout

Fixes: https://github.com/nodejs/node/issues/24980
Refs: https://github.com/nodejs/node/commit/eb43bc04b1

PR-URL: https://github.com/nodejs/node/pull/30071
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>

2019-12-14 08:59:19 -05:00

Ruben Bridgewater

50dd555910

doc,lib,test: capitalize comment sentences

This activates the eslint capitalize comment rule for comments
above 50 characters.

PR-URL: https://github.com/nodejs/node/pull/24996
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

2018-12-17 17:14:35 +01:00

Matteo Collina

ee618a7ab2

http,https: protect against slow headers attack

CVE-2018-12122

An attacker can send a char/s within headers and exahust the resources
(file descriptors) of a system even with a tight max header length
protection. This PR destroys a socket if it has not received the headers
in 40s.

PR-URL: https://github.com/nodejs-private/node-private/pull/144
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>

2018-11-28 11:36:34 +11:00

3 Commits