gnouseu/plakken
5
2
Fork 0
Code Issues Pull requests 4 Packages 1 Activity

fix(backend): XSS on raw.

Browse source
This commit is contained in:
Ada 2023-10-12 15:29:14 +02:00
parent d85ca37d54
commit 5a175ef04a
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
main.go
View file

@ -32,6 +32,7 @@ func handleRequest(w http.ResponseWriter, r *http.Request) {
if urlExist(clearPath) { if urlExist(clearPath) {
if strings.HasSuffix(path, "/raw") { if strings.HasSuffix(path, "/raw") {
pasteContent := db.HGet(ctx, clearPath, "content").Val() pasteContent := db.HGet(ctx, clearPath, "content").Val()
w.Header().Set("Content-Type", "text/plain")
_, err := io.WriteString(w, pasteContent) _, err := io.WriteString(w, pasteContent)
if err != nil { if err != nil {
log.Println(err) log.Println(err)