From 7ab0f6fff5c102a969288c449f2285be9ef03eee Mon Sep 17 00:00:00 2001
From: "Gerasimos (Makis) Maropoulos" <kataras2006@hotmail.com>
Date: Thu, 10 Mar 2022 21:48:05 +0200
Subject: [PATCH] set min version on tls configuration even on the tests and
 examples

---
 _examples/view/overview/templates/example.html | 4 ++--
 _examples/websocket/basic/go.mod               | 6 ++++--
 _examples/websocket/basic/server.go            | 6 ++++++
 core/host/proxy.go                             | 4 ++--
 core/host/proxy_test.go                        | 3 +--
 core/host/supervisor_test.go                   | 2 +-
 core/netutil/tcp.go                            | 4 ++--
 httptest/httptest.go                           | 2 +-
 8 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/_examples/view/overview/templates/example.html b/_examples/view/overview/templates/example.html
index d540a1d0..eccd19ff 100644
--- a/_examples/view/overview/templates/example.html
+++ b/_examples/view/overview/templates/example.html
@@ -25,8 +25,8 @@
 
     <hr/>
 
-    <strong>Read more at: <a href="https://golang.org/pkg/html/template" target="_new">
-        https://golang.org/pkg/html/template</a>
+    <strong>Read more at: <a href="https://pkg.go.dev/html/template" target="_new">
+        https://pkg.go.dev/html/template</a>
     </strong>
 </body>
 </html>
\ No newline at end of file
diff --git a/_examples/websocket/basic/go.mod b/_examples/websocket/basic/go.mod
index a086f916..aa56c598 100644
--- a/_examples/websocket/basic/go.mod
+++ b/_examples/websocket/basic/go.mod
@@ -2,7 +2,9 @@ module github.com/kataras/iris/_examples/websocket/basic
 
 go 1.17
 
+// replace github.com/kataras/iris/v12 => ../../../
+
 require (
-	github.com/iris-contrib/middleware/jwt v0.0.0-20200710202437-92b01b85baaf
-	github.com/kataras/iris/v12 master
+	github.com/iris-contrib/middleware/jwt v0.0.0-20220301201128-27fa0f6a7d7e
+	github.com/kataras/iris/v12 v12.2.0-alpha9.0.20220310184134-096349bb56d8
 )
diff --git a/_examples/websocket/basic/server.go b/_examples/websocket/basic/server.go
index c67813da..60ff818a 100644
--- a/_examples/websocket/basic/server.go
+++ b/_examples/websocket/basic/server.go
@@ -113,8 +113,14 @@ func main() {
 		ctx.ServeFile("./browser/index.html")
 	})
 
+	app.Get("/other", func(ctx iris.Context) {
+		ctx.WriteString("Other route")
+	})
+
 	// serves the npm browser websocket client usage example.
 	app.HandleDir("/browserify", iris.Dir("./browserify"))
 
+	// http://localhost:8080
+	// http://localhost:8080/browserify/client.html
 	app.Listen(":8080")
 }
diff --git a/core/host/proxy.go b/core/host/proxy.go
index 81c1a005..514ad7ec 100644
--- a/core/host/proxy.go
+++ b/core/host/proxy.go
@@ -22,7 +22,7 @@ import (
 // Look `ProxyHandlerRemote` too.
 func ProxyHandler(target *url.URL, config *tls.Config) *httputil.ReverseProxy {
 	if config == nil {
-		config = &tls.Config{MinVersion: tls.VersionTLS11}
+		config = &tls.Config{MinVersion: tls.VersionTLS13}
 	}
 
 	director := func(req *http.Request) {
@@ -89,7 +89,7 @@ func modifyProxiedRequest(req *http.Request, target *url.URL) {
 // Look `ProxyHandler` too.
 func ProxyHandlerRemote(target *url.URL, config *tls.Config) *httputil.ReverseProxy {
 	if config == nil {
-		config = &tls.Config{MinVersion: tls.VersionTLS11}
+		config = &tls.Config{MinVersion: tls.VersionTLS13}
 	}
 
 	director := func(req *http.Request) {
diff --git a/core/host/proxy_test.go b/core/host/proxy_test.go
index 9d5cfd0a..f1659bcf 100644
--- a/core/host/proxy_test.go
+++ b/core/host/proxy_test.go
@@ -27,8 +27,7 @@ func TestProxy(t *testing.T) {
 
 	config := &tls.Config{
 		InsecureSkipVerify: true,
-		MinVersion:         tls.VersionTLS11,
-		MaxVersion:         tls.VersionTLS12,
+		MinVersion:         tls.VersionTLS13,
 	}
 	proxy := host.NewProxy("", u, config)
 
diff --git a/core/host/supervisor_test.go b/core/host/supervisor_test.go
index a5f784be..c4e68d68 100644
--- a/core/host/supervisor_test.go
+++ b/core/host/supervisor_test.go
@@ -25,7 +25,7 @@ func newTester(t *testing.T, baseURL string, handler http.Handler) *httpexpect.E
 
 	if strings.HasPrefix(baseURL, "http") { // means we are testing real serve time
 		transporter = &http.Transport{
-			TLSClientConfig: &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS11},
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS13},
 		}
 	} else { // means we are testing the handler itself
 		transporter = httpexpect.NewBinder(handler)
diff --git a/core/netutil/tcp.go b/core/netutil/tcp.go
index 7a2b37e1..70ced5e2 100644
--- a/core/netutil/tcp.go
+++ b/core/netutil/tcp.go
@@ -106,7 +106,7 @@ func CERT(addr string, cert tls.Certificate) (net.Listener, error) {
 	tlsConfig := &tls.Config{
 		Certificates:             []tls.Certificate{cert},
 		PreferServerCipherSuites: true,
-		MinVersion:               tls.VersionTLS11,
+		MinVersion:               tls.VersionTLS13,
 	}
 	return tls.NewListener(l, tlsConfig), nil
 }
@@ -146,7 +146,7 @@ func LETSENCRYPT(addr string, reuse bool, serverName string, cacheDirOptional ..
 	} else {
 		m.Cache = autocert.DirCache(cacheDir)
 	}
-	tlsConfig := &tls.Config{GetCertificate: m.GetCertificate, MinVersion: tls.VersionTLS11}
+	tlsConfig := &tls.Config{GetCertificate: m.GetCertificate, MinVersion: tls.VersionTLS13}
 
 	// use InsecureSkipVerify or ServerName to a value
 	if serverName == "" {
diff --git a/httptest/httptest.go b/httptest/httptest.go
index 3db87c0d..f193e85e 100644
--- a/httptest/httptest.go
+++ b/httptest/httptest.go
@@ -153,7 +153,7 @@ func NewInsecure(t *testing.T, setters ...OptionSetter) *httpexpect.Expect {
 		setter.Set(conf)
 	}
 	transport := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS11}, // lint:ignore
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true, MinVersion: tls.VersionTLS13}, // lint:ignore
 	}
 
 	testConfiguration := httpexpect.Config{