Movatterモバイル変換

[0]ホーム
URL:

Alert GO-2024-3228: Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder
Notice  The highest tagged major version isv2.

gorules

package
v0.27.3Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest Published: Aug 1, 2023 License:AGPL-3.0Imports:2Imported by:0

Details

Repository

github.com/coder/coder

Links

Documentation

Overview

Package gorules defines custom lint rules for ruleguard.

golangci-lint runs these rules via go-critic, which includes supportfor ruleguard. All Go files in this directory define lint rulesin the Ruleguard DSL; see:

-https://go-ruleguard.github.io/by-example/-https://pkg.go.dev/github.com/quasilyte/go-ruleguard/dsl

You run one of the following commands to execute your go rules only:

golangci-lint rungolangci-lint run --disable-all --enable=gocritic

Note: don't forget to run `golangci-lint cache clean`!

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

funcFullResponseWriteradded inv0.9.1

func FullResponseWriter(mdsl.Matcher)

FullResponseWriter ensures that any overridden response writer has fullfunctionality. Mainly is hijackable and flushable.

funcHttpAPIErrorMessageadded inv0.6.3

func HttpAPIErrorMessage(mdsl.Matcher)

HttpAPIErrorMessage intends to enforce constructing proper sentences aserror messages for the api. A proper sentence includes proper capitalizationand ends with punctuation.There are ways around the linter, but this should work in the common cases.

funcHttpAPIReturnadded inv0.7.7

func HttpAPIReturn(mdsl.Matcher)

HttpAPIReturn will report a linter violation if the http function is notreturned after writing a response to the client.

funcInTx

func InTx(mdsl.Matcher)

InTx checks to ensure the database used inside the transaction closure is the transactiondatabase, and not the original database that creates the tx.

funcProperRBACReturnadded inv0.7.0

func ProperRBACReturn(mdsl.Matcher)

ProperRBACReturn ensures we always write to the response writer after acall to Authorize. If we just do a return, the client will get a status code200, which is incorrect.

Types

This section is empty.

Source Files

View all Source files

Directories

PathSynopsis
apidocgen

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f orF : Jump to
y orY : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic.Learn more.
[8]ページ先頭
©2009-2025 Movatter.jp