forked from forgejo/forgejo
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when "template.HTML" should be used (no need to escape) And help PRs like #29059 , to render the error messages correctly. (cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8) Conflicts: modules/web/middleware/binding.go routers/web/feed/convert.go tests/integration/branches_test.go tests/integration/repo_branch_test.go trivial context conflicts
This commit is contained in:
wxiaoguang
Earl Warren
parent
d565d85160
commit
65248945c9
78 changed files with 359 additions and 286 deletions
|
|
@ -36,7 +36,7 @@ func NewFuncMap() template.FuncMap {
|
|||
"dict": dict, // it's lowercase because this name has been widely used. Our other functions should have uppercase names.
|
||||
"Eval": Eval,
|
||||
"Safe": Safe,
|
||||
"Escape": html.EscapeString,
|
||||
"Escape": Escape,
|
||||
"QueryEscape": url.QueryEscape,
|
||||
"JSEscape": template.JSEscapeString,
|
||||
"Str2html": Str2html, // TODO: rename it to SanitizeHTML
|
||||
|
|
@ -162,7 +162,7 @@ func NewFuncMap() template.FuncMap {
|
|||
"RenderCodeBlock": RenderCodeBlock,
|
||||
"RenderIssueTitle": RenderIssueTitle,
|
||||
"RenderEmoji": RenderEmoji,
|
||||
"RenderEmojiPlain": emoji.ReplaceAliases,
|
||||
"RenderEmojiPlain": RenderEmojiPlain,
|
||||
"ReactionToEmoji": ReactionToEmoji,
|
||||
|
||||
"RenderMarkdownToHtml": RenderMarkdownToHtml,
|
||||
|
|
@ -183,13 +183,45 @@ func NewFuncMap() template.FuncMap {
|
|||
}
|
||||
|
||||
// Safe render raw as HTML
|
||||
func Safe(raw string) template.HTML {
|
||||
return template.HTML(raw)
|
||||
func Safe(s any) template.HTML {
|
||||
switch v := s.(type) {
|
||||
case string:
|
||||
return template.HTML(v)
|
||||
case template.HTML:
|
||||
return v
|
||||
}
|
||||
panic(fmt.Sprintf("unexpected type %T", s))
|
||||
}
|
||||
|
||||
// Str2html render Markdown text to HTML
|
||||
func Str2html(raw string) template.HTML {
|
||||
return template.HTML(markup.Sanitize(raw))
|
||||
// Str2html sanitizes the input by pre-defined markdown rules
|
||||
func Str2html(s any) template.HTML {
|
||||
switch v := s.(type) {
|
||||
case string:
|
||||
return template.HTML(markup.Sanitize(v))
|
||||
case template.HTML:
|
||||
return template.HTML(markup.Sanitize(string(v)))
|
||||
}
|
||||
panic(fmt.Sprintf("unexpected type %T", s))
|
||||
}
|
||||
|
||||
func Escape(s any) template.HTML {
|
||||
switch v := s.(type) {
|
||||
case string:
|
||||
return template.HTML(html.EscapeString(v))
|
||||
case template.HTML:
|
||||
return v
|
||||
}
|
||||
panic(fmt.Sprintf("unexpected type %T", s))
|
||||
}
|
||||
|
||||
func RenderEmojiPlain(s any) any {
|
||||
switch v := s.(type) {
|
||||
case string:
|
||||
return emoji.ReplaceAliases(v)
|
||||
case template.HTML:
|
||||
return template.HTML(emoji.ReplaceAliases(string(v)))
|
||||
}
|
||||
panic(fmt.Sprintf("unexpected type %T", s))
|
||||
}
|
||||
|
||||
// DotEscape wraps a dots in names with ZWJ [U+200D] in order to prevent autolinkers from detecting these as urls
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue