safeRedirectPath normalizes the path string by replacing all beginning slashes (`\\`, `//`, `\/`) with a single forward slash to prevent open redirect attacks
(path string)
| 173 | // safeRedirectPath normalizes the path string by replacing all beginning slashes |
| 174 | // (`\\`, `//`, `\/`) with a single forward slash to prevent open redirect attacks |
| 175 | func safeRedirectPath(path string) string { |
| 176 | if len(path) > 1 && (path[0] == '\\' || path[0] == '/') && (path[1] == '\\' || path[1] == '/') { |
| 177 | path = "/" + strings.TrimLeft(path, `/\`) |
| 178 | } |
| 179 | return path |
| 180 | } |
no outgoing calls
no test coverage detected
searching dependent graphs…