Dwi Siswanto
d7da0e0914
fix(http): resolve timeout config issues ( #6562 )
...
across multiple layers
Fixes timeout configuration conflicts where HTTP
requests would timeout prematurely despite
configured values in `@timeout` annotations or
`-timeout` flags.
RCA:
* `retryablehttp` pkg overriding with default
30s timeout.
* Custom timeouts not propagating to
`retryablehttp` layer.
* Multiple timeout layers not sync properly.
Changes:
* Propagate custom timeouts from `@timeout`
annotations to `retryablehttp` layer.
* Adjust 5-minute maximum cap to prevent DoS via
extremely large timeouts.
* Ensure `retryableHttpOptions.Timeout` respects
`ResponseHeaderTimeout`.
* Add comprehensive tests for timeout capping
behavior.
This allows templates to override global timeout
via `@timeout` annotations while preventing abuse
thru unreasonably large timeout values.
Fixes #6560 .
Signed-off-by: Dwi Siswanto <git@dw1.io >
2025-11-04 08:51:17 +07:00
HD Moore
f26996cb89
Remove singletons from Nuclei engine (continuation of #6210 ) ( #6296 )
...
* introducing execution id
* wip
* .
* adding separate execution context id
* lint
* vet
* fixing pg dialers
* test ignore
* fixing loader FD limit
* test
* fd fix
* wip: remove CloseProcesses() from dev merge
* wip: fix merge issue
* protocolstate: stop memguarding on last dialer delete
* avoid data race in dialers.RawHTTPClient
* use shared logger and avoid race conditions
* use shared logger and avoid race conditions
* go mod
* patch executionId into compiled template cache
* clean up comment in Parse
* go mod update
* bump echarts
* address merge issues
* fix use of gologger
* switch cmd/nuclei to options.Logger
* address merge issues with go.mod
* go vet: address copy of lock with new Copy function
* fixing tests
* disable speed control
* fix nil ExecuterOptions
* removing deprecated code
* fixing result print
* default logger
* cli default logger
* filter warning from results
* fix performance test
* hardcoding path
* disable upload
* refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg`
Signed-off-by: Dwi Siswanto <git@dw1.io >
* Revert "disable upload"
This reverts commit 114fbe6663cf12ca800egit@dw1.io >
Co-authored-by: Mzack9999 <mzack9999@protonmail.com >
Co-authored-by: Dwi Siswanto <git@dw1.io >
Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com >
2025-07-10 01:17:26 +05:30
Dwi Siswanto
87ed0b2bb9
build: bump all direct modules ( #6290 )
...
* chore: fix non-constant fmt string in call
Signed-off-by: Dwi Siswanto <git@dw1.io >
* build: bump all direct modules
Signed-off-by: Dwi Siswanto <git@dw1.io >
* chore(hosterrorscache): update import path
Signed-off-by: Dwi Siswanto <git@dw1.io >
* fix(charts): break changes
Signed-off-by: Dwi Siswanto <git@dw1.io >
* build: pinned `github.com/zmap/zcrypto` to v0.0.0-20240512203510-0fef58d9a9db
Signed-off-by: Dwi Siswanto <git@dw1.io >
* chore: golangci-lint auto fixes
Signed-off-by: Dwi Siswanto <git@dw1.io >
* chore: satisfy lints
Signed-off-by: Dwi Siswanto <git@dw1.io >
* build: migrate `github.com/xanzy/go-gitlab` => `gitlab.com/gitlab-org/api/client-go`
Signed-off-by: Dwi Siswanto <git@dw1.io >
* feat(json): update build constraints
Signed-off-by: Dwi Siswanto <git@dw1.io >
* chore: dont panicking on close err
Signed-off-by: Dwi Siswanto <git@dw1.io >
---------
Signed-off-by: Dwi Siswanto <git@dw1.io >
2025-07-01 00:40:44 +07:00
M. Ángel Jimeno
7da3921c12
http: support arbitrary strings on TLS SNI annotation ( #4462 )
2023-12-06 14:15:30 +05:30
Tarun Koyalwar
dc44105baf
nuclei v3 : misc updates ( #4247 )
...
* use parsed options while signing
* update project layout to v3
* fix .gitignore
* remove example template
* misc updates
* bump tlsx version
* hide template sig warning with env
* js: retain value while using log
* fix nil pointer derefernce
* misc doc update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com >
2023-10-17 17:44:13 +05:30
