package main
import (
	"fmt"
	"log"
	"net/http"
)
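// serve registers the /user handler and starts an HTTP server on :80.
//
// This is a CodeQL query-test fixture for reflected XSS (CWE-079): the
// handler deliberately echoes a request parameter into the response body,
// and that write is kept as-is so the ReflectedXss query has a result to
// report. isValidUsername is defined elsewhere in the package.
func serve() {
	http.HandleFunc("/user", func(w http.ResponseWriter, r *http.Request) {
		// ParseForm can fail (for example on a malformed body); reject the
		// request instead of silently continuing with an empty form.
		if err := r.ParseForm(); err != nil {
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		username := r.Form.Get("username")
		if isValidUsername(username) {
			// TODO: Handle successful login
			return
		}
		// BAD: a request parameter is incorporated without validation into the response
		// No Content-Type is set on the response and %q applies Go string
		// quoting, not HTML escaping, so a browser may render markup carried
		// in username. Left unchanged on purpose: this line is the sink the
		// query under test is expected to flag.
		fmt.Fprintf(w, "%q is an unknown user", username)
	})
	// ListenAndServe only returns on failure; report it rather than letting
	// serve() return silently as if the server were up.
	if err := http.ListenAndServe(":80", nil); err != nil {
		log.Printf("listening on :80: %v", err)
	}
}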