From 5a175ef04a3f11c79c4c3f836fd150bdf51f7387 Mon Sep 17 00:00:00 2001 From: Ada Date: Thu, 12 Oct 2023 15:29:14 +0200 Subject: [PATCH] fix(backend): XSS on raw. --- main.go | 1 + 1 file changed, 1 insertion(+) diff --git a/main.go b/main.go index eda667a..600c02b 100644 --- a/main.go +++ b/main.go @@ -32,6 +32,7 @@ func handleRequest(w http.ResponseWriter, r *http.Request) { if urlExist(clearPath) { if strings.HasSuffix(path, "/raw") { pasteContent := db.HGet(ctx, clearPath, "content").Val() + w.Header().Set("Content-Type", "text/plain") _, err := io.WriteString(w, pasteContent) if err != nil { log.Println(err) -- 2.45.2