Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:

Story Points:
3
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
eso-threat-modeling-countermeasures
Git Pull Request:
https://github.com/external-secrets/external-secrets/pull/5231
Intelligence Requested:
Market:

Sprint:
OAPE Sprint 276
sprint_count:
1

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

PX Impact Score:

This story aims to close the gap by:

Setting sane defaults and making timeouts configurable

Enforcing header/body/request size limits

Logging request violations

Disabling HTTP/2 where applicable

Improving observability and safety of the HTTP surface

These changes will enhance ESO's resilience to slowloris-style DoS attacks, excessive request sizes, and misconfigured clients.

Refer :- https://docs.google.com/document/d/1cSJhgSS2VfGfjsYAlxJ_3t4I14JXGzRfQivY0NaEi_Q/edit?tab=t.0#heading=h.c6cdlrlyu7ss for more info

blocks

ESO-109 T35: Fine-tune HTTP server settings

Closed

Assignee:: Siddhi Bhor

Reporter:: Siddhi Bhor

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/07/24 6:58 AM

Updated:: 2025/09/04 5:46 PM

Resolved:: 2025/09/04 5:46 PM