Affected by GO-2022-0540
and 17 other vulnerabilities
GO-2022-0540 : Mattermost users could access some sensitive information via API call in github.com/mattermost/mattermost-server
GO-2022-0576 : Insecure plugin handling in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0595 : Resource exhaustion in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0599 : Improper Control of a Resource Through its Lifetime in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0604 : Cross-site Scripting in Mattermost in github.com/mattermost/mattermost-server
GO-2022-0616 : Improper Privilege Management in Mattermost in github.com/mattermost/mattermost-server
GO-2023-1939 : Mattermost Server Sensitive Data Exposure in github.com/mattermost/mattermost
GO-2024-2444 : Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
GO-2024-2446 : Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
GO-2024-2448 : Mattermost notified all users in the channel when using WebSockets to respond individually in github.com/mattermost/mattermost-server
GO-2024-2450 : Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
GO-2024-2707 : Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
GO-2024-3164 : Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events in github.com/mattermost/mattermost-server
GO-2024-3227 : Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server
GO-2024-3232 : Mattermost Server allows user to get private channel names in github.com/mattermost/mattermost-server
GO-2024-3233 : Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery in github.com/mattermost/mattermost-server
GO-2024-3234 : Mattermost Server vulnerable to application crash from attacker-generated large response in github.com/mattermost/mattermost-server
GO-2024-3235 : Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server
The highest tagged major version is
v6 .
Discover Packages
github.com/mattermost/mattermost-server
services
httpservice
package
Version:
v5.7.2-rc1+incompatible
Opens a new window with list of versions in this module.
Published: Feb 13, 2019
License: AGPL-3.0, Apache-2.0
Opens a new window with license information.
Imports: 9
Opens a new window with list of imports.
Imported by: 84
Opens a new window with list of known importers.
Documentation
Documentation
¶
View Source
var AddressForbidden error = errors .New ("address forbidden, you may need to set AllowedUntrustedInternalConnections to allow an integration access to your internal network")
NewHTTPClient returns a variation the default implementation of Client.
It uses a Transport with the same settings as the default Transport
but with the following modifications:
shorter timeout for dial and TLS handshake (defined as constant
"connectTimeout")
timeout for the end-to-end request (defined as constant
"requestTimeout")
type HTTPService interface {
MakeClient(trustURLs bool ) *Client
Close()
}
Wraps the functionality for creating a new http.Client to encapsulate that and allow it to be mocked when testing
type HTTPServiceImpl struct {
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.