| commit | aa69164e4478b84860dc6769c710c699c67058a3 | [log] [tgz] |
|---|---|---|
| author | Gregory Man <man.gregory@gmail.com> | Thu Sep 19 16:00:00 2019 +0300 |
| committer | Brad Fitzpatrick <bradfitz@golang.org> | Mon Sep 23 16:28:16 2019 +0000 |
| tree | 3eadd6cc20a48f86022dca672b72726cbb885742 | |
| parent | 1a5e07d1ff72da30f660d3c95b312a20be31173c [diff] |
xsrftoken: escape colons The current clean() replaces : with _ (colons are internally used as separators). This produce can produce same output for different inputs, for example the user _foo_ can obtain valid tokens for user :foo:. This CL replace colons with double colons instead of replacing them with underscores. Fixes golang/go#34308 Change-Id: I3e4148a0836e62fda1a5f0ba32b375121368afd3 Reviewed-on: https://go-review.googlesource.com/c/net/+/196457 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
This repository holds supplementary Go networking libraries.
The easiest way to install is to run go get -u golang.org/x/net. You can also manually git clone the repository to $GOPATH/src/golang.org/x/net.
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html. The main issue tracker for the net repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/net:” in the subject line, so it is easy to find.