Code Room
Code reviewMediumcr-g553
Subject Security open redirectLevel Mid–Senior~15 minCommon in Security interviewsIndustries Software development

Question

Review this Go post-login redirect handler.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewgo
func PostLogin(w http.ResponseWriter, r *http.Request) {    if !authenticate(r) {        http.Error(w, "bad creds", 401)        return    }    next := r.URL.Query().Get("next")    if next == "" {        next = "/dashboard"    }    http.Redirect(w, r, next, http.StatusFound)}
Run or narrate your approach, then ask the coach.