A simple RESTful API built with Go, designed to manage tasks efficiently. This API allows you to create, read, update, and delete (CRUD) tasks with persistent storage using a JSON file.
- ✅ RESTful architecture using
net/http - ✅ CRUD operations for tasks
- ✅ JSON file-based persistence
- ✅ Modular and easy to extend
- ✅ Security best practices in place
This API is built with several security measures in place to protect data and ensure safe usage:
All incoming request data is validated and sanitized to prevent:
- SQL Injection (N/A in this project, but good habits apply)
- Cross-Site Scripting (XSS)
- Command Injection via untrusted input
Several HTTP headers are added to protect against common web vulnerabilities:
X-Content-Type-Options: nosniffX-Frame-Options: DENYContent-Security-Policy(to be added in future updates)Strict-Transport-Security(when behind HTTPS)
CORS policies are configured to restrict access to trusted domains:
w.Header().Set("Access-Control-Allow-Origin", "https://yourdomain.com")While HTTPS is not handled directly in Go, the API is expected to run behind a secure proxy (e.g., NGINX or Caddy) that enforces HTTPS on all endpoints.
Rate limiting will be added to prevent abuse and denial-of-service (DoS) attacks.
- List all tasks
- Retrieve a task by ID
- Create a new task
- Delete a task by ID
- Go
net/http(standard library)
- Clone the repository:
git clone https://github.com/yourusername/task-api-go.git
cd task-api-go
**Run the server:**
go run main.go| Method | Endpoint | Description |
|---|---|---|
| GET | /tasks |
List all tasks |
| GET | /tasks/{id} |
Get a task by ID |
| POST | /tasks |
Create a new task |
| PUT | /tasks/{id} |
Update a task |
| DELETE | /tasks/{id} |
Delete a task |