From a2190b133b7b1fd468dcbdb649c538505572ce28 Mon Sep 17 00:00:00 2001
From: Antoine Arlaud
Date: Thu, 27 Jun 2024 00:00:00 +0200
Subject: [PATCH] fix: mitigate vuln SNYK-JS-WS-7266574
---
 .snyk | 5 +++++
 lib/common/http/webserver.ts | 1 +
 2 files changed, 6 insertions(+)
diff --git a/.snyk b/.snyk
index 94cd510ba..bcf4bd896 100644
--- a/.snyk
+++ b/.snyk
@@ -12,4 +12,9 @@ ignore:
 reason: No fix from RHEL available
 expires: 2024-05-14T11:13:13.154Z
 created: 2024-05-07T11:13:13.157Z
+ SNYK-JS-WS-7266574:
+ - '*':
+ reason: Mitigated in code
+ expires: 2024-07-26T21:59:20.738Z
+ created: 2024-06-26T21:59:20.744Z
 patch: {}
diff --git a/lib/common/http/webserver.ts b/lib/common/http/webserver.ts
index 886afd957..abd95957d 100644
--- a/lib/common/http/webserver.ts
+++ b/lib/common/http/webserver.ts
@@ -80,6 +80,7 @@ export const webserver = (config, altPort: number) => {
 },
 app,
 );
+ server.maxHeadersCount = 0; // fix https://security.snyk.io/vuln/SNYK-JS-WS-7266574
 server.requestTimeout = process.env.BROKER_WEBSERVER_REQUEST_TIMEOUT
 ? parseInt(process.env.BROKER_WEBSERVER_REQUEST_TIMEOUT)
 : 600000;
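Review bot: The new `.snyk` ignore entry for SNYK-JS-WS-7266574 uses the `'*'` path, so it suppresses the finding on every dependency path, while the mitigation in this commit is applied to a single server object in `lib/common/http/webserver.ts`. If ws is attached to any other HTTP server in the project (not visible from this patch), that path would be ignored without being mitigated. The reason would also be easier to audit if it named the mitigation, for example `reason: Mitigated in lib/common/http/webserver.ts (server.maxHeadersCount = 0); remove after ws upgrade`. The one-month expiry is worth keeping so the ignore cannot outlive the workaround unnoticed.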
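Review bot: In `lib/common/http/webserver.ts`, `server.maxHeadersCount = 0` removes the per-request header-count cap entirely, and the trailing comment says neither that nor what still bounds a request. After this line the only limit on header volume is the HTTP parser's maximum header size, so it is worth confirming the server is not created with a raised `maxHeaderSize`; the creation call starts outside the hunk. I would expand the comment to `// 0 = no header-count limit, so the ws crash on exceeding the limit cannot trigger (SNYK-JS-WS-7266574); header bytes stay capped by maxHeaderSize. Remove once ws is upgraded.` The body of `webserver` begins and ends outside this hunk, so whether other listeners are created there cannot be checked from here.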