Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(490)

Issue 106370045: code review 106370045: go.tools/cmd/vet: flag uses of text/template to generat... (Closed)

Can't Edit
Can't Publish+Mail
Start Review
Created:
9 years, 9 months ago by josharian
Modified:
9 years, 2 months ago
Reviewers:
CC:
r, dsymonds, golang-codereviews
Visibility:
Public.

Description

go.tools/cmd/vet: flag uses of text/template to generate html This check flagged 208 instances in a public corpus, including an instance in net/rpc. (Fortunately, there was no actual security issue in net/rpc.) Fixes issue 8221.

Patch Set 1 #

Patch Set 2 : diff -r 5e316c800d33 https://code.google.com/p/go.tools #

Patch Set 3 : diff -r 5e316c800d33 https://code.google.com/p/go.tools #

Patch Set 4 : diff -r a2a0f87c4b38 https://code.google.com/p/go.tools #

Patch Set 5 : diff -r a2a0f87c4b38 https://code.google.com/p/go.tools #

Total comments: 11

Patch Set 6 : diff -r a2a0f87c4b38 https://code.google.com/p/go.tools #

Unified diffs Side-by-side diffs Delta from patch set Stats (+137 lines, -0 lines) Patch
M cmd/vet/doc.go View 1 2 3 4 5 1 chunk +6 lines, -0 lines 0 comments Download
A cmd/vet/template.go View 1 2 3 4 5 1 chunk +89 lines, -0 lines 0 comments Download
A cmd/vet/testdata/template.go View 1 2 3 4 5 1 chunk +42 lines, -0 lines 0 comments Download

Messages

Total messages: 9
josharian
Hello r@golang.org, dsymonds@golang.org (cc: golang-codereviews@googlegroups.com), I'd like you to review this change to https://code.google.com/p/go.tools
9 years, 9 months ago (2014-07-03 23:35:08 UTC) #1
josharian
This should be the last new vet check from me for a while. :)
9 years, 9 months ago (2014-07-03 23:35:59 UTC) #2
r
unconvinced yet, but maybe https://codereview.appspot.com/106370045/diff/40002/cmd/vet/doc.go File cmd/vet/doc.go (right): https://codereview.appspot.com/106370045/diff/40002/cmd/vet/doc.go#newcode135 cmd/vet/doc.go:135: Unsafe use of templates. Unsafe ...
9 years, 8 months ago (2014-07-07 17:43:11 UTC) #3
dsymonds
https://codereview.appspot.com/106370045/diff/40002/cmd/vet/template.go File cmd/vet/template.go (right): https://codereview.appspot.com/106370045/diff/40002/cmd/vet/template.go#newcode21 cmd/vet/template.go:21: "check that templates are used safely", On 2014/07/07 17:43:11, ...
9 years, 8 months ago (2014-07-08 02:46:53 UTC) #4
josharian
> unconvinced yet, but maybe Take your time, and let me know how I can ...
9 years, 8 months ago (2014-07-08 02:50:26 UTC) #5
dsymonds
On 8 July 2014 12:50, <josharian@gmail.com> wrote: > Take your time, and let me know ...
9 years, 8 months ago (2014-07-08 02:52:15 UTC) #6
josharian
> > s/safely/securely/ ? > > Also might be worth mentioning something about HTML in ...
9 years, 8 months ago (2014-07-08 02:52:37 UTC) #7
josharian
> > Take your time, and let me know how I can help you make ...
9 years, 8 months ago (2014-07-09 01:08:28 UTC) #8
gobot
9 years, 3 months ago (2014-12-19 05:09:36 UTC) #9
R=close

To the author of this CL:

The Go project has moved to Gerrit Code Review.

If this CL should be continued, please see the latest version of
https://golang.org/doc/contribute.html for instructions on
how to set up Git and the Go project's Gerrit codereview plugin,
and then create a new change with your current code.

If there has been discussion on this CL, please give a link to it
(golang.org/cl/106370045 is best) in the description in your
new CL.

Thanks very much.
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b