mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
18 lines
430 B
Go
18 lines
430 B
Go
// Safe: query value routed through the project-local `stripCRLF` helper
|
|
// before being written to the response header.
|
|
package main
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
)
|
|
|
|
func stripCRLF(raw string) string {
|
|
return strings.ReplaceAll(strings.ReplaceAll(raw, "\r", ""), "\n", "")
|
|
}
|
|
|
|
func handler(w http.ResponseWriter, r *http.Request) {
|
|
lang := r.URL.Query().Get("lang")
|
|
safe := stripCRLF(lang)
|
|
w.Header().Set("X-Lang", safe)
|
|
}
|