Golang Code Review #05


This challenge covers the review of a snippet of code written in Golang.

PRO
Tier
Easy
< 1 Hr.
18

In this lab, we delve into a piece of Go code split across multiple files. The main.go file sets up a basic HTTP server using the net/http package. The handler.go file contains a redirect function that could potentially mishandle user input, while routes.go configures the router and serves static files. The primary goal is to identify potential security issues within these snippets, focusing on the logic of the code rather than imports.

The Redirect function in handler.go is particularly interesting. It matches the incoming "uri" parameter against a regular expression to determine if it should redirect the user. However, improper handling and validation of this parameter could lead to security issues like Open Redirect vulnerabilities. The GetRouter function in routes.go sets up the necessary routes and serves files from a static directory, which could also be a point of concern if not managed properly.
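To illustrate why a regex-only check on a redirect parameter is fragile, here is an added example; it is not the lab's code. The pattern, the `example.com` allowlist, the function names and the sample values are all assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Hypothetical pattern (not the lab's): unanchored, with an unescaped dot,
// so it matches anywhere inside the submitted value.
var loosePattern = regexp.MustCompile(`https?://example.com`)

// looseAllowed is a regex-only check on the "uri" parameter.
func looseAllowed(uri string) bool { return loosePattern.MatchString(uri) }

// allowedHosts is a constructed allowlist of exact hostnames.
var allowedHosts = map[string]bool{"example.com": true}

// strictAllowed parses the value and accepts only local paths or absolute
// http(s) URLs whose hostname is exactly on the allowlist.
func strictAllowed(uri string) bool {
	if strings.ContainsAny(uri, "\\\r\n\t") {
		return false // clients disagree on how to treat these characters
	}
	u, err := url.Parse(uri)
	if err != nil || u.User != nil {
		return false
	}
	if u.Scheme == "" && u.Host == "" {
		// Local target: a single leading slash, never the "//host" form.
		return strings.HasPrefix(uri, "/") && !strings.HasPrefix(uri, "//")
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return false
	}
	return allowedHosts[strings.ToLower(u.Hostname())]
}

func main() {
	// Constructed sample values for the "uri" parameter.
	samples := []string{"https://example.com/account", "/dashboard",
		"https://example.com.untrusted.test/login", "//untrusted.test/",
		"https://untrusted.test/?next=https://example.com"}
	for _, s := range samples {
		fmt.Printf("%-50s loose=%-5v strict=%v\n", s, looseAllowed(s), strictAllowed(s))
	}
}
```

When reviewing a redirect handler, check that the decision is made on the parsed hostname and scheme, not on a substring or prefix match of the raw string.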
