xss validation
This commit is contained in:
+14
-12
@@ -4,22 +4,24 @@ import (
|
||||
"encoding/json"
|
||||
"tm/pkg/logger"
|
||||
"tm/pkg/response"
|
||||
"tm/pkg/security"
|
||||
|
||||
"github.com/asaskevich/govalidator"
|
||||
"github.com/labstack/echo/v4"
|
||||
)
|
||||
|
||||
// Handler handles HTTP requests for inquiry operations
|
||||
type Handler struct {
|
||||
service Service
|
||||
logger logger.Logger
|
||||
service Service
|
||||
logger logger.Logger
|
||||
xssPolicy *security.XSSPolicy
|
||||
}
|
||||
|
||||
// NewInquiryHandler creates a new inquiry handler
|
||||
func NewHandler(service Service, logger logger.Logger) *Handler {
|
||||
func NewHandler(service Service, logger logger.Logger, xssPolicy *security.XSSPolicy) *Handler {
|
||||
return &Handler{
|
||||
service: service,
|
||||
logger: logger,
|
||||
service: service,
|
||||
logger: logger,
|
||||
xssPolicy: xssPolicy,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -42,8 +44,8 @@ func (h *Handler) CreateInquiry(c echo.Context) error {
|
||||
return response.BadRequest(c, "Invalid request format", "")
|
||||
}
|
||||
|
||||
// Validate form
|
||||
if _, err := govalidator.ValidateStruct(form); err != nil {
|
||||
// Validate and sanitize form
|
||||
if err := form.ValidateAndSanitize(h.xssPolicy); err != nil {
|
||||
return response.ValidationError(c, err.Error(), "")
|
||||
}
|
||||
|
||||
@@ -122,8 +124,8 @@ func (h *Handler) UpdateInquiryStatus(c echo.Context) error {
|
||||
return response.BadRequest(c, "Invalid request format", "")
|
||||
}
|
||||
|
||||
// Validate form
|
||||
if _, err := govalidator.ValidateStruct(form); err != nil {
|
||||
// Validate and sanitize form
|
||||
if err := form.ValidateAndSanitize(h.xssPolicy); err != nil {
|
||||
return response.ValidationError(c, err.Error(), "")
|
||||
}
|
||||
|
||||
@@ -163,8 +165,8 @@ func (h *Handler) SearchInquiries(c echo.Context) error {
|
||||
return response.BadRequest(c, "Invalid request format", "")
|
||||
}
|
||||
|
||||
// Validate form
|
||||
if _, err := govalidator.ValidateStruct(form); err != nil {
|
||||
// Validate and sanitize form
|
||||
if err := form.ValidateAndSanitize(h.xssPolicy); err != nil {
|
||||
return response.ValidationError(c, err.Error(), "")
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user