Merge pull request #115 from qonto/fix-semgrep-direct-responsewriter

Ignore false postive alert for homepage
qonto · Jan 25, 2024 · f6ac877 · f6ac877
2 parents 89cf6a5 + aee1ba6
commit f6ac877
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/internal/infra/http/homepage.go b/internal/infra/http/homepage.go
@@ -53,5 +53,5 @@ func NewHomePage(version string, metricPath string) (*homeHandler, error) {
 
 func (h homeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	w.Header().Add("Content-Type", "text/html; charset=UTF-8")
-	_, _ = w.Write(h.content)
+	_, _ = w.Write(h.content) // nosemgrep: go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter // h.content is rendered by html/template in constructor
 }