Fix missing-host-header test reliability

Keep stdin open with sleep after printf to prevent BusyBox nc from
closing the connection before HAProxy processes the HTTP request in
the backend. Also remove unnecessary 500ms delay from report script.

Author: dash14

report/main.mjs

@@ -6,9 +6,6 @@ import { fileURLToPath } from "node:url";
 const __dirname = dirname(fileURLToPath(import.meta.url));
 
 // 1. Fetch proxy logs
-// Brief wait to ensure Docker log driver captures all HAProxy output
-await new Promise((resolve) => setTimeout(resolve, 500));
-
 const composeFile = process.argv[2] || join(__dirname, "..", "setup", "compose.yml");
 const logs = execFileSync(
   "docker",

test/Dockerfile.audit

@@ -48,7 +48,7 @@ RUN echo "=== [HTTPS - missing-sni] ===" && \
 # [HTTP - missing-host-header (HTTP request without Host header)]
 RUN echo "=== [HTTP - missing-host-header] ===" && \
     echo "Testing HTTP request without Host header (should be blocked)..." && \
-    (printf 'GET / HTTP/1.0\r\n\r\n' | nc -w 5 allowed.example.com 80 > /dev/null 2>&1 || true) && \
+    ((printf 'GET / HTTP/1.0\r\n\r\n'; sleep 1) | nc -w 5 allowed.example.com 80 > /dev/null 2>&1 || true) && \
     echo "✓ missing-host-header: request sent (blocked expected in logs)"
 
 # Network configuration check

test/Dockerfile.restrict

@@ -83,7 +83,7 @@ RUN echo "=== [HTTPS - missing-sni] ===" && \
 # [HTTP - missing-host-header (HTTP request without Host header)]
 RUN echo "=== [HTTP - missing-host-header] ===" && \
     echo "Testing HTTP request without Host header (should be blocked)..." && \
-    (printf 'GET / HTTP/1.0\r\n\r\n' | nc -w 5 allowed.example.com 80 > /dev/null 2>&1 || true) && \
+    ((printf 'GET / HTTP/1.0\r\n\r\n'; sleep 1) | nc -w 5 allowed.example.com 80 > /dev/null 2>&1 || true) && \
     echo "✓ missing-host-header: request sent (blocked expected in logs)"
 
 # Network configuration check