learn-code-the-hard-way
/
zedshaw-games
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity

Use http_url in Validator instead of url or else people can inject JavaScript.

Browse Source
main
Zed A. Shaw 7 days ago
parent a3d4a3dc70
commit de24d64f44
2 changed files with 3 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      data/models.go
  2. 4
      public/register/index.html

2
data/models.go
Unescape View File

@ -14,7 +14,7 @@ type User struct {
type Link struct {
Id int `db:"id" json:"id"`
StreamId int `db:"stream_id" json:"stream_id" form:"stream_id" validate:"required,numeric"`
Url string `db:"url" json:"url" form:"url" validate:"required,url"`
Url string `db:"url" json:"url" form:"url" validate:"required,http_url"`
Description string `db:"description" json:"description" form:"description" validate:"required"`
}

4
public/register/index.html
Unescape View File

@ -32,8 +32,8 @@
<middle>
<label for="username">Username</label>
<input id="username" name="username" placeholder="Username" type="text">
<label for="email">Email</label>
<input id="email" name="email" placeholder="Email" type="text">
<label for="email">FAKE! Email</label>
<input id="email" name="email" placeholder="fake@faker.com" type="text">
<label for="password">Password</label>
<input id="password" name="password" placeholder="Password" type="password">
</middle>

Write Preview
Loading…
Cancel
Save