From 6b2fd81efc9d4f27454b0a2b700ed859786f49ec Mon Sep 17 00:00:00 2001
From: appleboy <appleboy.tw@gmail.com>
Date: Fri, 15 Nov 2024 01:18:17 +0800
Subject: [PATCH] test(sec): enhance security and performance in test server
 configs

- Set the minimum TLS version to TLS 1.2 in the test server configuration
- Add `ReadHeaderTimeout` of 10 seconds to the HTTP server configurations in the tests

Signed-off-by: appleboy <appleboy.tw@gmail.com>
---
 graceful_test.go | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/graceful_test.go b/graceful_test.go
index 6894607..562406b 100644
--- a/graceful_test.go
+++ b/graceful_test.go
@@ -192,11 +192,19 @@ func TestWithServer(t *testing.T) {
 	assert.NoError(t, err)
 	tlsConfig := &tls.Config{
 		Certificates: []tls.Certificate{cert},
+		MinVersion:   tls.VersionTLS12,
 	}
 	testRouterConstructor(t, func() (*Graceful, error) {
 		return Default(
-			WithServer(&http.Server{Addr: ":8811"}),
-			WithServer(&http.Server{Addr: ":9443", TLSConfig: tlsConfig}),
+			WithServer(&http.Server{
+				Addr:              ":8811",
+				ReadHeaderTimeout: 10 * time.Second,
+			}),
+			WithServer(&http.Server{
+				Addr:              ":9443",
+				TLSConfig:         tlsConfig,
+				ReadHeaderTimeout: 10 * time.Second,
+			}),
 		)
 	}, "http://localhost:8811/example", "https://localhost:9443/example")
 }
@@ -212,7 +220,10 @@ func TestWithAll(t *testing.T) {
 		return Default(WithAddr(":8080"),
 			WithTLS(":8443", "./testdata/certificate/cert.pem", "./testdata/certificate/key.pem"),
 			WithListener(listener),
-			WithServer(&http.Server{Addr: ":8811"}),
+			WithServer(&http.Server{
+				Addr:              ":8811",
+				ReadHeaderTimeout: 10 * time.Second,
+			}),
 		)
 	},
 		"http://localhost:8080/example",