Kristoffer Dalby 93082b8092 Protect against user injection for registration CLI page ...

This commit addresses a potential issue where we allowed unsanitised
content to be passed through a go template without validation.

We now try to unmarshall the incoming node key and fails to render the
template if it is not a valid node key.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

2022-09-23 10:39:42 +02:00

3.7 KiB

Raw Blame History

View Raw