This repository was archived by the owner on Feb 27, 2026. It is now read-only.
title: G107: Url provided to HTTP request as taint input
4
+
---
5
+
6
+
Getting an URL from an untrusted source like user input gives the ability of an attacker to redirect your application to bad websites and perform additional attacks.
7
+
One of the examples is as shown below the [http.Get()](https://golang.org/pkg/net/http/#Client.Get) function issues a GET to the specified URL and if the result is appropriate GET will follow the redirect after calling Client's CheckRedirect function. That means that the attacker can send your application to various places.
8
+
9
+
This problem can be used to achieve [SSRF](https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/) atttacks via http requests with variable url.
10
+
11
+
## Example problematic code:
12
+
13
+
```
14
+
package main
15
+
import (
16
+
"net/http"
17
+
"io/ioutil"
18
+
"fmt"
19
+
"os"
20
+
)
21
+
func main() {
22
+
url := os.Getenv("tainted_url")
23
+
resp, err := http.Get(url)
24
+
if err != nil {
25
+
panic(err)
26
+
}
27
+
defer resp.Body.Close()
28
+
body, err := ioutil.ReadAll(resp.Body)
29
+
if err != nil {
30
+
panic(err)
31
+
}
32
+
fmt.Printf("%s", body)
33
+
}
34
+
```
35
+
36
+
## Gosec command line output
37
+
38
+
```
39
+
[examples/main.go:12] - G107: Potential HTTP request made with variable url (Confidence: MEDIUM, Severity: MEDIUM)
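Review bot: the sample gosec output on line 39 reports `examples/main.go:12`, but in the snippet as added (lines 14-33) the `http.Get(url)` call is the 10th line of the file, so the output does not match the code shown. Running the snippet through gofmt (a blank line after `package main` and another after the import block) would put the call on line 12 and make the two agree. While touching the file: line 10 has the typo "atttacks", the opening fence on line 13 carries no `go` language tag, and the sentence on line 6 ("gives the ability of an attacker to redirect your application") would read better as "lets an attacker make your application send requests to destinations of their choosing", which also matches the SSRF framing on line 10 more closely than "bad websites" does.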