domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Remove unnecessary SanitizeHTML from code (#29575)

Browse source 
* "mail/issue/default.tmpl": the body is rendered by backend
`markdown.RenderString() HTML`, it has been already sanitized
* "repo/settings/webhook/base_list.tmpl": "Description" is prepared by
backend `ctx.Tr`, it doesn't need to be sanitized

(cherry picked from commit dae7f1ebdbe19620f40e110b285f7c0ecd0bb33b)
This commit is contained in:
wxiaoguang 2024-03-04 20:02:45 +08:00 committed by Earl Warren
parent 3c05986fcf
commit a44805e5b3
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
7 changed files with 7 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/templates/helper.go
View file

@ -211,14 +211,8 @@ func SafeHTML(s any) template.HTML {
}
// SanitizeHTML sanitizes the input by pre-defined markdown rules
func SanitizeHTML(s any) template.HTML {
switch v := s.(type) {
case string:
return template.HTML(markup.Sanitize(v))
case template.HTML:
return template.HTML(markup.Sanitize(string(v)))
}
panic(fmt.Sprintf("unexpected type %T", s))
func SanitizeHTML(s string) template.HTML {
return template.HTML(markup.Sanitize(s))
}
func HTMLEscape(s any) template.HTML {