Bezbednost: rešeno 7 kritičnih nalaza (HP-01 do HP-07)

internal/handler/podesavanja.go

@@ -253,11 +253,10 @@ func (h *Handler) SacuvajPodesavanja(w http.ResponseWriter, r *http.Request) {
 	}
 
 	sledeci := r.FormValue("_next")
-	if sledeci == "" {
-		http.Redirect(w, r, "/podesavanja?sacuvano=1", http.StatusSeeOther)
-	} else {
-		http.Redirect(w, r, sledeci+"?sacuvano=1", http.StatusSeeOther)
+	if sledeci == "" || !strings.HasPrefix(sledeci, "/") {
+		sledeci = "/podesavanja"
 	}
+	http.Redirect(w, r, sledeci+"?sacuvano=1", http.StatusSeeOther)
 }
 
 // BackupBaze kreira konzistentnu kopiju baze i šalje je kao attachment

internal/handler/prijava.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"os"
 	"strings"
 	"time"
 
@@ -304,6 +305,7 @@ func napraviKolacic(token string, istice time.Time) *http.Cookie {
 		Path:     "/",
 		Expires:  istice,
 		HttpOnly: true,
+		Secure:   os.Getenv("NTECH_ENV") == "production",
 		SameSite: http.SameSiteStrictMode,
 	}
 }