Skip to content

Commit

Permalink
Fix code scanning alert #3: Reflected cross-site scripting
Browse files Browse the repository at this point in the history 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
  • Loading branch information
@resslr @github-advanced-security
resslr and github-advanced-security[bot] authored Sep 19, 2024
1 parent a57dd08 commit aca836f
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion handlers/index.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"database/sql"
"encoding/hex"
"fmt"
"html"
"log"
"net/http"
"strings"
Expand Down Expand Up @@ -65,7 +66,7 @@ func Main(w http.ResponseWriter, r *http.Request) {
}

w.WriteHeader(http.StatusCreated)
w.Write([]byte(fmt.Sprintf("Location: /s/%s", customCode)))
w.Write([]byte(fmt.Sprintf("Location: /s/%s", html.EscapeString(customCode))))
return
}

Expand Down

0 comments on commit aca836f

Please sign in to comment.