ryan/games
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

fix: limit request body size on auth form handlers (gosec G120)
All checks were successful
CI / Deploy / test (push) Successful in 14s
Details
CI / Deploy / lint (push) Successful in 45s
Details
CI / Deploy / deploy (push) Successful in 1m34s
Details

Browse Source
This commit is contained in:
Ryan Hamamura
2026-03-11 10:19:03 -10:00
parent 93147ffc46
commit b1f754831a
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
features/auth/handlers.go
View File

@@ -39,6 +39,7 @@ func HandleRegisterPage() http.HandlerFunc {
func HandleLogin(queries *repository.Queries, sessions *scs.SessionManager) http.HandlerFunc { func HandleLogin(queries *repository.Queries, sessions *scs.SessionManager) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, 1024)
username := r.FormValue("username") username := r.FormValue("username")
password := r.FormValue("password") password := r.FormValue("password")
@@ -73,6 +74,7 @@ func HandleLogin(queries *repository.Queries, sessions *scs.SessionManager) http
func HandleRegister(queries *repository.Queries, sessions *scs.SessionManager) http.HandlerFunc { func HandleRegister(queries *repository.Queries, sessions *scs.SessionManager) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, 1024)
username := r.FormValue("username") username := r.FormValue("username")
password := r.FormValue("password") password := r.FormValue("password")
confirm := r.FormValue("confirm") confirm := r.FormValue("confirm")