Backport of [Security] Close cross scripting vulnerability into release/1.19.x (#21346)

* backport of commit c8cb3349fe

* backport of commit 262efd8f15

---------

Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
pull/21350/head
hc-github-team-consul-core 5 months ago committed by GitHub
parent 09538e62b1
commit a1ee7cb38b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -0,0 +1,3 @@
```release-note:security
agent: removed reflected cross-site scripting vulnerability
```

@ -293,7 +293,7 @@ func conflictingFlags(resp http.ResponseWriter, req *http.Request, flags ...stri
if _, ok := params[conflict]; ok {
if found {
resp.WriteHeader(http.StatusBadRequest)
fmt.Fprint(resp, "Conflicting flags: "+params.Encode())
fmt.Fprintf(resp, "Conflicting flags: %v\n", params.Encode())
return true
}
found = true

Loading…
Cancel
Save