Description

Currently there are multiple places throughout ColdFront where external web requests are made to other APIs that do not have timeouts. These could in theory block and contribute to a DOS. Since there are many places throughout ColdFront where API requests are made, it would be best if administrators could provide a standard amount of time they would like to give for a web request to take before it times out.

1. A setting REQUEST_TIMEOUT_SECONDS should be added to allow admins to configure by default how long arbitrary requests made by ColdFront should take before timing out.
2. Timeouts should be added to all external API requests to prevent unintended DOS.
3. Add linter rules to check that developers are using timeouts when calling to external services.

Component

No response

Additional information