hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ginsbach/OverlayLocalJava
codeql/go/ql/test/query-tests/Security/CWE-918/tst.go
Chuan-kai Lin aa514fff32 codeql-go merge prep: move into go/ directory
2022-05-20 10:07:19 -07:00

43 lines
819 B
Go
Raw Permalink Blame History

package main
import (
"context"
"net/http"
"net/url"
)
func handler2(w http.ResponseWriter, req *http.Request) {
tainted := req.FormValue("target")
http.Get("example.com") // OK
http.Get(tainted) // Not OK
http.Head(tainted) // OK
http.Post(tainted, "text/basic", nil) // Not OK
client := &http.Client{}
rq, _ := http.NewRequest("GET", tainted, nil)
client.Do(rq) // Not OK
rq, _ = http.NewRequestWithContext(context.Background(), "GET", tainted, nil)
client.Do(rq) // Not OK
http.Get("http://" + tainted) // Not OK
http.Get("http://example.com" + tainted) // Not OK
http.Get("http://example.com/" + tainted) // OK
http.Get("http://example.com/?" + tainted) // OK
u, _ := url.Parse("http://example.com/relative-path")
u.Host = tainted
http.Get(u.String()) // Not OK
}
func main() {
}
Reference in New Issue View Git Blame Copy Permalink