The Go Workshop

By: Delio D'Anna, Andrew Hayes, Sam Hennessy, Jeremy Leasor, Gobin Sougrakpam, Dániel Szabó
Overview of this book

The Go Workshop will take the pain out of learning the Go programming language (also known as Golang). It is designed to teach you to be productive in building real-world software. Presented in an engaging, hands-on way, this book focuses on the features of Go that are used by professionals in their everyday work. Each concept is broken down, clearly explained, and followed up with activities to test your knowledge and build your practical skills. Your first steps will involve mastering Go syntax, working with variables and operators, and using core and complex types to hold data. Moving ahead, you will build your understanding of programming logic and implement Go algorithms to construct useful functions. As you progress, you'll discover how to handle errors, debug code to troubleshoot your applications, and implement polymorphism using interfaces. The later chapters will then teach you how to manage files, connect to a database, work with HTTP servers and REST APIs, and make use of concurrent programming. Throughout this Workshop, you'll work on a series of mini projects, including a shopping cart, a loan calculator, a working hours tracker, a web page counter, a code checker, and a user authentication system. By the end of this book, you'll have the knowledge and confidence to tackle your own ambitious projects with Go.
Table of Contents (21 chapters)

1. Variables and Operators
2. Logic and Loops

Cross-Site Scripting

Cross-Site Scripting, or XSS, is another major attack type that is frequently listed in the OWASP (Open Web Application Security Project) top ten application vulnerabilities. Similar to SQL injection, this vulnerability is also caused by unsanitized user input, but in this case, rather than modifying the behavior of a database, the input injects scripts into a web page.

Web pages are constructed using HTML tags. Every HTML page contains some content enclosed between an opening and a closing html tag, like this:

<html>
  Hello World!
</html>

One such HTML tag is the <script> tag, which is used to embed executable content, usually JavaScript code. This tag runs client-side code in the browser, for example, to generate dynamic content or manipulate data and images.

The code inside the <script> tag is not visible on the web page and, as such, it generally goes unnoticed. This feature of the <script> tag can be manipulated...
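The injection described in this section, shown as an added example that is not code from the book: the same page is rendered once with text/template, which copies user input into the markup verbatim, and once with html/template, which escapes it for the HTML context. The `greeting` page, the function names and the sample input are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	htmltmpl "html/template"
	"io"
	texttmpl "text/template"
)

// greeting is a constructed page that echoes a user-supplied name.
const greeting = "<html>\n  Hello {{.}}!\n</html>\n"

// executor is the Execute method that both template packages provide.
type executor interface {
	Execute(w io.Writer, data interface{}) error
}

// run executes a parsed template against name and returns the markup.
func run(t executor, name string) string {
	var buf bytes.Buffer
	if err := t.Execute(&buf, name); err != nil {
		return "" // constructed example: a render error yields no output
	}
	return buf.String()
}

// renderUnsafe uses text/template: the input reaches the page unchanged,
// so a <script> tag in the name becomes part of the document.
func renderUnsafe(name string) string {
	return run(texttmpl.Must(texttmpl.New("page").Parse(greeting)), name)
}

// renderSafe uses html/template: the input is escaped for the HTML text
// context, so the browser displays the tag as text instead of running it.
func renderSafe(name string) string {
	return run(htmltmpl.Must(htmltmpl.New("page").Parse(greeting)), name)
}

func main() {
	input := "<script>alert(1)</script>" // constructed sample input
	fmt.Print("text/template:\n", renderUnsafe(input))
	fmt.Print("html/template:\n", renderSafe(input))
}
```

Ordinary input such as a plain name renders identically in both versions; only the markup-significant characters are rewritten by html/template.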