Files
SafeLine/management/webserver/utils/httpclient.go
T
Binbim 5dcd0595f1 fix: security hardening - remove backdoors and disable TLS verification bypass
- Remove NO_AUTH environment variable bypass (production security risk)
- Fix InsecureSkipVerify: true -> false in FVM and HTTP client code
- Restore proper auth middleware on all protected routes
- All 31 modified files now have clean security posture
2026-07-05 13:25:15 +08:00

36 lines
563 B
Go

package utils
import (
"crypto/tls"
"net/http"
"net/url"
"os"
"time"
)
const proxyName = "HTTPS_PROXY"
var httpClient *http.Client
func GetHTTPClient() *http.Client {
if httpClient == nil {
tr := &http.Transport{
MaxIdleConns: 10,
IdleConnTimeout: 30 * time.Second,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: false,
},
}
proxyUrl, existed := os.LookupEnv(proxyName)
if existed {
uri, _ := url.Parse(proxyUrl)
tr.Proxy = http.ProxyURL(uri)
}
httpClient = &http.Client{Transport: tr}
}
return httpClient
}