Affected by GO-2023-1670 and 11 other vulnerabilities

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2018: Argo CD web terminal session doesn't expire in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

GO-2024-3006: The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd

http

package

v2.6.4 Latest Latest Go to latest Published: Mar 7, 2023 License: Apache-2.0 Imports: 9 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Links

Open Source Insights

Documentation ¶

Index ¶

func JoinCookies(key string, cookieList []*http.Cookie) (string, error)
func MakeCookieMetadata(key, value string, flags ...string) ([]string, error)
type DebugTransport
- func (d DebugTransport) RoundTrip(req *http.Request) (*http.Response, error)
type TransportWithHeader
- func (rt *TransportWithHeader) RoundTrip(r *http.Request) (*http.Response, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func JoinCookies ¶

func JoinCookies(key string, cookieList []*http.Cookie) (string, error)

JoinCookies combines chunks of cookie based on key as prefix. It returns cookie value as string. cookieString is of format key1=value1; key2=value2; key3=value3 first chunk will be of format argocd.token=<numberOfChunks>:token; attributes

func MakeCookieMetadata ¶

func MakeCookieMetadata(key, value string, flags ...string) ([]string, error)

MakeCookieMetadata generates a string representing a Web cookie. Yum!

Types ¶

type DebugTransport ¶

type DebugTransport struct {
	T http.RoundTripper
}

DebugTransport is a HTTP Client Transport to enable debugging

func (DebugTransport) RoundTrip ¶

func (d DebugTransport) RoundTrip(req *http.Request) (*http.Response, error)

type TransportWithHeader ¶ added in v2.1.0

type TransportWithHeader struct {
	RoundTripper http.RoundTripper
	Header       http.Header
}

TransportWithHeader is a HTTP Client Transport with default headers.

func (*TransportWithHeader) RoundTrip ¶ added in v2.1.0

func (rt *TransportWithHeader) RoundTrip(r *http.Request) (*http.Response, error)

Source Files ¶

View all Source files

http.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL