WAF: add custom HTTP server

[blotus]

The current implementation relies on the standard net/http server, which is pretty opinionated about what a request should look like.

This can cause the appsec datasource to refuse to analyze some requests that are technically invalid according to the RFC, but still processed by other web servers.

This PR replace the net/http server with a custom one that avoid rejecting requests.

Proper fix would be to move away from HTTP for the appsec protocol, but this would require a lot of breaking changes.

Once this PR is merged, we'll still need to rethink the way requests are serialized to better split the transport layer with the data layer.

[github-actions]

@blotus: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind fix
• /kind chore
• /kind dependencies

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@blotus: There are no area labels on this PR. You can add as many areas as you see fit.

• /area agent
• /area local-api
• /area cscli
• /area appsec
• /area security
• /area configuration

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[codecov]

Codecov Report

❌ Patch coverage is 73.93258% with 116 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.00%. Comparing base (b4b2de2) to head (15aa177).

Files with missing lines	Patch %	Lines
...kg/acquisition/modules/appsec/httpserver/server.go	65.74%	52 Missing and 10 partials ⚠️
...kg/acquisition/modules/appsec/httpserver/writer.go	61.40%	17 Missing and 5 partials ⚠️
pkg/acquisition/modules/appsec/httpserver/body.go	83.50%	10 Missing and 6 partials ⚠️
...kg/acquisition/modules/appsec/httpserver/parser.go	85.04%	8 Missing and 8 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4472      +/-   ##
==========================================
+ Coverage   63.89%   64.00%   +0.11%     
==========================================
  Files         478      482       +4     
  Lines       34298    34736     +438     
==========================================
+ Hits        21915    22234     +319     
- Misses      10227    10317      +90     
- Partials     2156     2185      +29     

Flag	Coverage Δ
bats	46.43% <45.61%> (-0.03%)	⬇️
unit-linux	37.73% <72.80%> (+0.40%)	⬆️
unit-windows	26.60% <72.80%> (+0.59%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.