Veracode SSRF Flag for http.NewRequestWithContext: Mitigating Risk in My Go Application

I’m working on a Go application where I’m using http.NewRequestWithContext to make outgoing requests. During a recent Veracode scan, I received an SSRF (Server-Side Request Forgery) flag for the following line:
req, err:= http.NewRequestWi… Continue reading Veracode SSRF Flag for http.NewRequestWithContext: Mitigating Risk in My Go Application

How do you connect a piece of code in a repo to an actual user-input point in an app?

This is conceptual I know so let me know if there’s a better place to ask this. I’m wondering how people can view a piece of code in a repo they aren’t familiar with, or simply didn’t write, and connect it to specific user-input point like… Continue reading How do you connect a piece of code in a repo to an actual user-input point in an app?