security

package

v0.10.1 Latest Latest Go to latest Published: Mar 15, 2022 License: LGPL-3.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/teal-finance/garcon

Links

Open Source Insights

Documentation ¶

Index ¶

func Obfuscate(s string) (string, error)
func RejectLineBreakInURI(next http.Handler) http.Handler
func Sanitize(s string) string
func ValidForLogging(s string) bool
func ValidPath(w http.ResponseWriter, r *http.Request) bool
func ValidRuneForLogging(r rune) bool
type Hash
- func NewHash() (Hash, error)
- func (h Hash) Obfuscate(s string) (string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Obfuscate ¶

func Obfuscate(s string) (string, error)

Obfuscate hashes the input string to prevent logging sensitive information. HighwayHash is a hashing algorithm enabling high speed (especially on AMD64).

func RejectLineBreakInURI ¶

func RejectLineBreakInURI(next http.Handler) http.Handler

RejectLineBreakInURI rejects HTTP requests having a Carriage Return "\r" or a Line Feed "\n" within the URI to prevent log injection.

func Sanitize ¶

func Sanitize(s string) string

Sanitize replaces control codes by the tofu symbol and invalid UTF-8 codes by the replacement character. Sanitize can be used to prevent log injection. Inspired from: https://wikiless.org/wiki/Replacement_character#Replacement_character https://graphicdesign.stackexchange.com/q/108297

func ValidForLogging ¶

func ValidForLogging(s string) bool

ValidForLogging returns false if input string contains a Carriage Return "\r", or a Line Feed "\n", or any other ASCII control code (except space), or, as well as, invalid UTF-8 codes. ValidForLogging can be used to prevent log injection.

func ValidPath ¶

func ValidPath(w http.ResponseWriter, r *http.Request) bool

ValidPath replies a HTTP error on invalid path to prevent path traversal attacks.

func ValidRuneForLogging ¶

func ValidRuneForLogging(r rune) bool

ValidRuneForLogging returns false if rune is a Carriage Return "\r", or a Line Feed "\n", or another ASCII control code (except space), or an invalid UTF-8 code. ValidRuneForLogging can be used to prevent log injection.

Types ¶

type Hash ¶

type Hash struct {
	// contains filtered or unexported fields
}

func NewHash ¶

func NewHash() (Hash, error)

func (Hash) Obfuscate ¶

func (h Hash) Obfuscate(s string) (string, error)

Obfuscate hashes the input string to prevent logging sensitive information. HighwayHash is a hashing algorithm enabling high speed (especially on AMD64).

Source Files ¶

View all Source files

security.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL