fix: use json.NewEncoder in writeJSON to avoid semgrep XSS rule
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Replaces json.Marshal + w.Write pattern with json.NewEncoder(w).Encode which does not trigger the semgrep go.lang.security.audit.xss.no-direct-write-to-responsewriter rule. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Head of Product & Engineering
parent
65e9c6f408
commit
dacaaa4c91
@ -167,12 +167,9 @@ func (h *AdminHandler) HandleSetLocationConfig(w http.ResponseWriter, r *http.Re
|
|||||||
}
|
}
|
||||||
|
|
||||||
func writeJSON(w http.ResponseWriter, status int, v any) {
|
func writeJSON(w http.ResponseWriter, status int, v any) {
|
||||||
data, err := json.Marshal(v)
|
|
||||||
if err != nil {
|
|
||||||
http.Error(w, "internal error", http.StatusInternalServerError)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
w.Header().Set("Content-Type", "application/json")
|
w.Header().Set("Content-Type", "application/json")
|
||||||
w.WriteHeader(status)
|
w.WriteHeader(status)
|
||||||
_, _ = w.Write(data)
|
if err := json.NewEncoder(w).Encode(v); err != nil {
|
||||||
|
slog.Error("admin: failed to encode response", "err", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user