mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-12 19:55:14 +02:00
12 lines
311 B
Go
12 lines
311 B
Go
// Unsafe: net/http `ResponseWriter.Header().Set` receives a value built from
|
|
// `r.URL.Query().Get`. HEADER_INJECTION fires on the value argument.
|
|
package main
|
|
|
|
import (
|
|
"net/http"
|
|
)
|
|
|
|
func handler(w http.ResponseWriter, r *http.Request) {
|
|
lang := r.URL.Query().Get("lang")
|
|
w.Header().Set("X-Lang", lang)
|
|
}
|