Prevent critical attacks in APIs

1. CORS

Example: https://github.com/japananh/zero-and-one/blob/main/middleware/cors.go

2. DoS (Denial of Service)

```go
package main

import (
	"net/http"
	"time"

	"github.com/gin-contrib/limit"
	"github.com/gin-gonic/gin"
)

func main() {
	r := gin.Default()

	// Apply rate limiting middleware.
	// The number depends on server capacity, expected traffic, response time,
	// resource intensity, load testing, failover and scalability, security,
	// monitoring and adjustments.
	r.Use(limit.MaxAllowed(10)) // Limit to 10 requests per second

	r.GET("/api/data", getData)
	r.Run(":8080")
}

func getData(c *gin.Context) {
	// Simulate some work
	time.Sleep(100 * time.Millisecond)
	c.JSON(http.StatusOK, gin.H{"message": "Data retrieved successfully"})
}
```

3. SQL Injection

4. XSS (Cross-Site Scripting)

To protect against XSS, you should properly escape and sanitize user-generated content before rendering it in your web pages using html/template.

```go
package main

import (
	"html"
	"net/url"
)

// sanitizeInput HTML-escapes the input and then URL-escapes the result.
func sanitizeInput(input string) string {
	// Sanitize for HTML
	htmlSafe := html.EscapeString(input)
	// Sanitize for URL
	urlSafe := url.QueryEscape(htmlSafe)
	return urlSafe
}
```

SSRF (Server-Side Request Forgery)
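An added example for item 4 (not code from the issue or the linked repository): it renders one constructed untrusted string through html/template in HTML-text, URL-query and JavaScript contexts, and prints the issue's chained HTML-then-URL encoding beside it. The template, the `render` and `chained` names and the sample input are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"html"
	"html/template"
	"net/url"
	"strings"
)

// Constructed template: one untrusted value lands in three contexts.
var page = template.Must(template.New("demo").Parse(`<p>{{.}}</p>
<a href="/search?q={{.}}">search</a>
<script>var last = {{.}};</script>
`))

// render executes the template. html/template chooses the escaper for each
// {{.}} from its context (HTML text, URL query, JS value). With asTrusted the
// value is wrapped in template.HTML, which switches HTML escaping off.
func render(v string, asTrusted bool) (string, error) {
	var data interface{} = v
	if asTrusted {
		data = template.HTML(v)
	}
	var b strings.Builder
	err := page.Execute(&b, data)
	return b.String(), err
}

// chained applies the same HTML-then-URL encoding as the sanitizeInput helper
// shown in the issue, whatever context the value ends up in.
func chained(s string) string {
	return url.QueryEscape(html.EscapeString(s))
}

func main() {
	const untrusted = `<script>alert(1)</script>` // constructed sample input
	for _, trusted := range []bool{false, true} {
		out, err := render(untrusted, trusted)
		if err != nil {
			panic(err)
		}
		fmt.Printf("--- template.HTML wrapper: %v ---\n%s", trusted, out)
	}
	fmt.Println("chained:", chained(untrusted))
}
```

In code review, a `template.HTML(...)` conversion applied to request data is the place where contextual escaping is usually lost, so it is worth searching for.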