GO-2024-3228: Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder

The highest tagged major version is v2.

httpapi

package

v0.4.1 Latest Latest Go to latest Published: Apr 12, 2022 License: AGPL-3.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

This section is empty.

func Read(rw http.ResponseWriter, r *http.Request, value interface{}) bool

Read decodes JSON from the HTTP request into the value provided. It uses go-validator to validate the incoming request body.

func WebsocketCloseSprintf(format string, vars ...any) string

WebsocketCloseSprintf formats a websocket close message and ensures it is truncated to the maximum allowed length.

func Write(rw http.ResponseWriter, status int, response Response)

Write outputs a standardized format to an HTTP response body.

type Error struct {
	Field string `json:"field" validate:"required"`
	Code  string `json:"code" validate:"required"`
}

Error represents a scoped error to a user input.

type Response struct {
	Message string  `json:"message" validate:"required"`
	Errors  []Error `json:"errors,omitempty" validate:"required"`
}

Response represents a generic HTTP response.