Skip to content

Commit

Permalink
s/Replace/ReplaceAll/ in LogInjectionGood.go
Browse files Browse the repository at this point in the history
  • Loading branch information
phillmv authored Sep 19, 2023
1 parent 8354439 commit 11218f7
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions go/ql/src/Security/CWE-117/LogInjectionGood.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import (
// GOOD: The user-provided value is escaped before being written to the log.
func handlerGood(req *http.Request) {
username := req.URL.Query()["username"][0]
escapedUsername := strings.Replace(username, "\n", "", -1)
escapedUsername = strings.Replace(escapedUsername, "\r", "", -1)
escapedUsername := strings.ReplaceAll(username, "\n", "", -1)
escapedUsername = strings.ReplaceAll(escapedUsername, "\r", "", -1)
log.Printf("user %s logged in.\n", escapedUsername)
}

0 comments on commit 11218f7

Please sign in to comment.