fix(backend): XSS on raw. #6

Merged
hacki merged 1 commit from fix-xss-raw into main 2023-10-15 01:15:36 +02:00

View file

@ -32,6 +32,7 @@ func handleRequest(w http.ResponseWriter, r *http.Request) {
if urlExist(clearPath) { if urlExist(clearPath) {
if strings.HasSuffix(path, "/raw") { if strings.HasSuffix(path, "/raw") {
pasteContent := db.HGet(ctx, clearPath, "content").Val() pasteContent := db.HGet(ctx, clearPath, "content").Val()
w.Header().Set("Content-Type", "text/plain")
_, err := io.WriteString(w, pasteContent) _, err := io.WriteString(w, pasteContent)
if err != nil { if err != nil {
log.Println(err) log.Println(err)