Hi all, I’m fairly new to golang and just started to build my first web app.
I have been looking for a while so far without any luck for built-in packages in order to prevent path traversal when uploading a file to my server.
I’m aware of filepath.clean (https://golang.org/pkg/path/filepath/#Clean) but it still not good enough (it still requires some validation and/or cleaning afterward).
However, I saw a package by cyphar (https://github.com/cyphar/filepath-securejoin) that should do the work but I prefer to use official packages if any.
lastly, does anyone familiar with any security packages to prevent other application security attacks (such as CSRF, session handling, authentication/authorization etc…)
Thanks in advance,
A