adporn.net Solution: Securing output - Go Video Tutorial | LinkedIn Learning, formerly Lynda.com

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Secure Coding in Go

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Solution: Securing output

Solution: Securing output - Go Tutorial

From the course: Secure Coding in Go

Start my 1-month free trial Buy for my team

Solution: Securing output

“

(upbeat music) - [Instructor] So here's my solution, the form can stay a string because it doesn't have any parameters, but the login template, which generates the data dynamically is using now HTML template showing the status. Another thing we're doing is, we are doing return after the authentication error to make sure that there are no problems and now we execute the template. Let's run this code, open the debug console to see that it's running and now we can try it out. If you go here and start without, will say just bad login, but if you go back and save the user and the password, we will get the script and the vulnerability of the XSS is not going to trigger.

Contents