3
How secure should I consider the go lang net/http framework to be?
I understand just how broad a question this is, but I'm wondering how robust I should consider the framework itself, NOT the application built on top of it.
If I were to build the following example code, and run it on port open to the internet, need I worry about the server being compromised?
package main
import (
"fmt"
"net/http"
)
func handler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hi there, I love %s!", r.URL.Path[1:])
}
func main() {
http.HandleFunc("/", handler)
http.ListenAndServe(":8080", nil)
}
As is, this question sounds almost like "How heavy is a box of hammers?" - It depends on the implimentation and the libraries used. – Journeyman Geek – 2014-12-21T22:40:39.650
That's why I gave a very specific example. I fully understand that any custom app on top of the framework will have it's own issues. I'm trying to understand how much confidence people have in the framework itself. – DonGar – 2014-12-24T21:55:10.470