mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2026-01-31 15:53:10 +08:00
d7da0e0914
across multiple layers Fixes timeout configuration conflicts where HTTP requests would timeout prematurely despite configured values in `@timeout` annotations or `-timeout` flags. RCA: * `retryablehttp` pkg overriding with default 30s timeout. * Custom timeouts not propagating to `retryablehttp` layer. * Multiple timeout layers not sync properly. Changes: * Propagate custom timeouts from `@timeout` annotations to `retryablehttp` layer. * Adjust 5-minute maximum cap to prevent DoS via extremely large timeouts. * Ensure `retryableHttpOptions.Timeout` respects `ResponseHeaderTimeout`. * Add comprehensive tests for timeout capping behavior. This allows templates to override global timeout via `@timeout` annotations while preventing abuse thru unreasonably large timeout values. Fixes #6560. Signed-off-by: Dwi Siswanto <git@dw1.io>