[go-nuts] Re: Golang HTTP POST handling

Tue, 20 Feb 2018 15:01:29 -0800 

You should, of course, consider adding some rigor such as CSRF protection 
to that form! I'd suggest something 
like http://www.gorillatoolkit.org/pkg/csrf for that! 

On Tuesday, February 20, 2018 at 11:16:57 AM UTC-5, Sankar wrote:
>
> Hi,
>
> I have a Golang HTTP server which is consumed by mobile Apps via HTTP. 
>
> For one workflow (reset-password) alone, I needed a web interface. So 
> instead of creating a new different webapp, I decided to make an endpoint 
> emit text/html instead of JSON and then serve a static HTML page, which 
> will then do a POST request. 
>
> The same endpoint will serve HTML on HTTP GET and will process the values 
> in HTTP POST.
>
> However, I am not able to get the POST parameters in my HTTP request. Even 
> after a succesful req.ParseForm, my req.Form returns nil.
>
> I have attached the complete example.go file in the file, which you can 
> run offline. The relevant code section is:
>
> func alterPasswordHandler(res http.ResponseWriter, req *http.Request) {
> if req.Method == http.MethodGet {
> body := `
> <html>
> <body>
> <form method="post">
> <label for="password">Password</label>
> <input id="password" type="password" placeholder="Password" required>
> <label for="repeatPassword">Repeat Password</label>
> <input id="repeatPassword" type="password" placeholder="Repeat Password" 
> required>
> <button type="submit">Change Password</button>
> </form>
> </body>
> </html>
> `
> res.WriteHeader(http.StatusOK)
> res.Header().Set("Content-Type", "text/html")
> res.Write([]byte(body))
> } else if req.Method == http.MethodPost {
> err := req.ParseForm()
> log.Println(err, req.Form)                  // <<<<<<<<<<< req.Form is nil
> }
> }
>
> What am I doing wrong ? I do get the POST request but without the password 
> fields as part of the POST body. Any help ?
>
> Thanks.
>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to