Changes to run laconic-console app with laconicd #75
@ -1,8 +1,6 @@
|
||||
|
|
||||
package gql
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
"fmt"
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
"html/template"
|
||||
"net/http"
|
||||
)
|
||||
@ -12,23 +10,10 @@ import (
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
//
|
||||
// For more information, see https://github.com/graphql/graphiql.
|
||||
|
||||
func respond(w http.ResponseWriter, body []byte, code int) {
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
w.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
w.WriteHeader(code)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
_, _ = w.Write(body)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
}
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
func errorJSON(msg string) []byte {
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
buf := bytes.Buffer{}
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
fmt.Fprintf(&buf, `{"error": "%s"}`, msg)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
return buf.Bytes()
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
}
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
func PlaygroundHandler(apiURL string) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != "GET" {
|
||||
respond(w, errorJSON("only GET requests are supported"), http.StatusMethodNotAllowed)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
http.Error(w, "only GET requests are supported", http.StatusMethodNotAllowed)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "text/html")
|
||||
@ -158,7 +143,6 @@ var page = template.Must(template.New("graphiql").Parse(`
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
ReactDOM.render(
|
||||
React.createElement(GraphiQL, {
|
||||
fetcher: GraphiQL.createFetcher({
|
||||
// subscriptionUrl: 'ws://localhost:8081/subscriptions',
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
url: {{.apiURL}}
|
||||
}),
|
||||
query: parameters.query,
|
||||
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections. ## Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/561)
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'. ## Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
[Show more details](https://github.com/cerc-io/laconicd/security/code-scanning/559)
|
||||
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Show more details
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Show more details
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Insecure WebSocket Detected. WebSocket Secure (wss) should be used for all WebSocket connections.
Show more details
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Detected directly writing or similar in 'http.ResponseWriter.write()'. This bypasses HTML escaping that prevents cross-site scripting vulnerabilities. Instead, use the 'html/template' package and render data using 'template.Execute()'.
Show more details