secval

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 5, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package secval provides JSON security validation: dangerous key detection and nesting depth limits. It has NO cross-module dependencies — errors are module-local sentinel types.

Do not use secval on file uploads or streaming endpoints. It parses the entire input into memory. Enforce body size limits (e.g., MaxBytesReader at 1-2MB) BEFORE passing data to secval.

Index

Constants

View Source 
const MaxNestingDepth = 20

MaxNestingDepth is the maximum allowed depth for nested structures.

Variables

View Source 
var (
	ErrDangerousKey = errors.New("secval: dangerous key detected")
	ErrNestingDepth = errors.New("secval: nesting depth exceeded")
	ErrInvalidJSON  = errors.New("secval: invalid JSON")
)

Sentinel errors — module-local, NOT from the chassis errors package.

Functions

func ValidateJSON 

func ValidateJSON(data []byte) error

ValidateJSON parses data as JSON and scans it for dangerous keys and excessive nesting. Returns nil on success, or an error wrapping one of the sentinel errors (ErrDangerousKey, ErrNestingDepth, ErrInvalidJSON).

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.