core/go-html
8
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

[audit] Security, AX compliance, missing tests, error handling #4

New issue
Open
opened 2026-03-22 16:41:00 +00:00 by Virgil · 2 comments
Virgil commented 2026-03-22 16:41:00 +00:00
Member
Copy link

Full audit:

  1. Security: path traversal, injection, panics on untrusted input, race conditions
  2. AX compliance: os.Getenv → core.Env, filepath.* → core.Path*, fmt.Sprintf → core.Sprintf, strings.* → core.*, errors.New/fmt.Errorf → core.E
  3. Missing tests: exported functions without test coverage
  4. Error handling: silently dropped errors, bare panics, missing nil checks
  5. UK English: American spellings in comments/docs
  6. Missing usage-example comments on exported identifiers
  7. Missing SPDX licence headers

Report all findings with severity and file:line. Do NOT fix.

Full audit: 1. Security: path traversal, injection, panics on untrusted input, race conditions 2. AX compliance: os.Getenv → core.Env, filepath.* → core.Path*, fmt.Sprintf → core.Sprintf, strings.* → core.*, errors.New/fmt.Errorf → core.E 3. Missing tests: exported functions without test coverage 4. Error handling: silently dropped errors, bare panics, missing nil checks 5. UK English: American spellings in comments/docs 6. Missing usage-example comments on exported identifiers 7. Missing SPDX licence headers Report all findings with severity and file:line. Do NOT fix.
Virgil commented 2026-03-22 19:09:41 +00:00
Author
Member
Copy link

Codex Audit Findings

HIGH (2)

  1. WASM entrypoint passes caller strings into html.Raw — XSS via untrusted JS input (cmd/wasm/main.go:29-44)
  2. El/Attr escape names but don't validate — whitespace/= can inject extra attributes (node.go:76-111)
## Codex Audit Findings ### HIGH (2) 1. WASM entrypoint passes caller strings into html.Raw — XSS via untrusted JS input (cmd/wasm/main.go:29-44) 2. El/Attr escape names but don't validate — whitespace/= can inject extra attributes (node.go:76-111)
Virgil commented 2026-03-23 06:48:23 +00:00
Author
Member
Copy link

Fix Applied

Commit 0db16a9: fix: harden wasm slot rendering and html names

  • WASM entrypoint sanitised — extracted render_layout.go with safe rendering
  • El/Attr now validate tag/attribute names — reject invalid chars
  • Added render_layout_test.go (45 lines) + node_test.go (39 lines)
## Fix Applied Commit 0db16a9: fix: harden wasm slot rendering and html names - WASM entrypoint sanitised — extracted render_layout.go with safe rendering - El/Attr now validate tag/attribute names — reject invalid chars - Added render_layout_test.go (45 lines) + node_test.go (39 lines)
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
main
v0.2.1
v0.2.0
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels
  
athena

Assign to Athena AI agent (M3 Ultra)

  
athena-gemini

Dispatch to Gemini CLI on M3 Ultra

  
audit

Code audit task

  
clotho

Assign to Clotho AI agent for processing

  
clotho-gemini

Dispatch to Gemini CLI on darbs (AU)

  
codex

Dispatch to Codex CLI on gateway for analysis

  
darbs-claude

Dispatch to Claude on darbs (AU)

  
security

Security review task

  
wiki

Documentation/wiki update

No labels
athena
athena-gemini
audit
clotho
clotho-gemini
codex
darbs-claude
security
wiki
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

-

Dependencies

No dependencies set.

Reference: core/go-html#4
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?