sdk/golang/Web Frameworks/GoChiRouter

GoChiRouter

Chi HTTP router (chi.Router and chi.Mux). Path parameters extracted via URLParam are taint sources. Chi is one of the most popular lightweight routers in the Go ecosystem.

2 sources

Taint flow2 sources → 0 sinks

Sources — untrusted input

.URLParam()Returns URL path parameter for the given key (e

.URLParamFromCtx()Returns URL path parameter from the request context

Sources

— user-controlled input enters here

.URLParam()Source

Signature

URLParam(r *http.Request, key string) string

Returns URL path parameter for the given key (e.g. /users/{id}). User-controlled.

tracks:return

.URLParamFromCtx()Source

Signature

URLParamFromCtx(ctx context.Context, key string) string

Returns URL path parameter from the request context. User-controlled.

tracks:return

Other Methods

.Handle()Neutral

Signature

Handle(pattern string, h http.Handler)

Registers an http.Handler for a URL pattern. Routing primitive (neutral).

.HandleFunc()Neutral

Signature

HandleFunc(pattern string, h http.HandlerFunc)

Registers a handler function for a pattern. Routing primitive (neutral).

.Get()Neutral

Signature

Get(pattern string, h http.HandlerFunc)

Registers a GET handler for a pattern. Routing primitive (neutral).

.Post()Neutral

Signature

Post(pattern string, h http.HandlerFunc)

Registers a POST handler. Routing primitive (neutral).

Fully-Qualified Names

FQN	Field
github.com/go-chi/chi/v5.Router	fqns[0]
github.com/go-chi/chi/v5.Mux	fqns[1]
*.Router	patterns
*.Mux	patterns

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

go.mod

require github.com/go-chi/chi/v5 v5.0.12

rule.py

from codepathfinder.go_rule import GoChiRouter

Rules Using This Class

GO-GORM-SQLI-001

Next →GoEchoContext