perf: update login for security

flashcatcloud · Dec 24, 2024 · a0f7dd6 · a0f7dd6
1 parent 117be63
commit a0f7dd6
Showing 1 changed file with 8 additions and 7 deletions.
diff --git a/inputs/rocketmq_offset/rocketmq.go b/inputs/rocketmq_offset/rocketmq.go
@@ -55,18 +55,19 @@ type Instance struct {
 }
 
 func (ins *Instance) Login() (string, error) {
-	loginURL := fmt.Sprintf("%s/login/login.do?username=%s&password=%s", consoleSchema+ins.RocketMQConsoleIPAndPort, ins.Username, ins.Password)
-	req, err := http.NewRequest("POST", loginURL, nil)
-	if err != nil {
-		return "", err
-	}
+	loginURL := fmt.Sprintf("%s/login/login.do", consoleSchema + ins.RocketMQConsoleIPAndPort)
+	data := url.Values{}
+	data.Set("username", ins.Username)
+	data.Set("password", ins.Password)
 
-	res, err := http.DefaultClient.Do(req)
+	req, err := http.NewRequest("POST", loginURL, strings.NewReader(data.Encode()))
 	if err != nil {
 		return "", err
 	}
-	defer res.Body.Close()
 
+	// 设置Content-Type头
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
 	// 获取 set-cookie 头
 	cookies := res.Header.Get("Set-Cookie")
 	if cookies == "" {