standardise html-escaping functions
This commit is contained in:
parent
693f541934
commit
8a452c0fa6
@ -4,7 +4,6 @@ import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"html"
|
||||
"html/template"
|
||||
"io/ioutil"
|
||||
"math"
|
||||
"net/http"
|
||||
@ -74,7 +73,7 @@ func (this *ArchiveState) renderView(w http.ResponseWriter) {
|
||||
|
||||
output := ""
|
||||
for i := startLine; i < endLine; i += 1 {
|
||||
output += template.HTMLEscapeString(lines[i]) + "<br>\n"
|
||||
output += html.EscapeString(lines[i]) + "<br>\n"
|
||||
}
|
||||
|
||||
this.renderTemplate(w, []byte(output))
|
||||
@ -132,7 +131,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
|
||||
lineNo := i % this.svr.cfg.LinesPerPage
|
||||
url := fmt.Sprintf(`/%s/%d/%d/page-%d#line-%d`, this.logBestSlug, ympair.Year, ympair.Month, page, lineNo)
|
||||
|
||||
w.Write([]byte(`<li><a href="` + template.HTMLEscapeString(url) + `">»</a> ` + template.HTMLEscapeString(scanner.Text()) + `</li>`))
|
||||
w.Write([]byte(`<li><a href="` + html.EscapeString(url) + `">»</a> ` + html.EscapeString(scanner.Text()) + `</li>`))
|
||||
}
|
||||
|
||||
}()
|
||||
@ -141,7 +140,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
|
||||
w.Write([]byte(`</ul>`))
|
||||
|
||||
if totalResults == 0 {
|
||||
w.Write([]byte(`No search results for "<em>` + template.HTMLEscapeString(this.query) + `</em>"`))
|
||||
w.Write([]byte(`No search results for "<em>` + html.EscapeString(this.query) + `</em>"`))
|
||||
} else {
|
||||
w.Write([]byte(`<br><em>Found ` + fmt.Sprintf("%d", totalResults) + ` total result(s).</em><br><br>`))
|
||||
}
|
||||
@ -151,7 +150,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
|
||||
|
||||
// renderError renders a plain text string, escaping it for HTML use.
|
||||
func (this *ArchiveState) renderError(w http.ResponseWriter, msg string) {
|
||||
this.renderTemplate(w, []byte(template.HTMLEscapeString(msg)))
|
||||
this.renderTemplate(w, []byte(html.EscapeString(msg)))
|
||||
}
|
||||
|
||||
func (this *ArchiveState) renderTemplate(w http.ResponseWriter, body []byte) {
|
||||
@ -177,7 +176,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
|
||||
<title>` + template.HTMLEscapeString(title) + `</title>
|
||||
<title>` + html.EscapeString(title) + `</title>
|
||||
<link rel="stylesheet" type="text/css" href="/style.css">
|
||||
</head>
|
||||
<body>
|
||||
@ -206,7 +205,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
|
||||
slug, _ := this.svr.bestSlugFor(&this.svr.cfg.Logs[i])
|
||||
current := (this.log == &this.svr.cfg.Logs[i])
|
||||
|
||||
w.Write([]byte(`<option value="` + template.HTMLEscapeString(slug) + `" ` + attr(current, "selected") + `>` + template.HTMLEscapeString(h.Description) + `</option>`))
|
||||
w.Write([]byte(`<option value="` + html.EscapeString(slug) + `" ` + attr(current, "selected") + `>` + html.EscapeString(h.Description) + `</option>`))
|
||||
}
|
||||
|
||||
w.Write([]byte(`
|
||||
@ -218,7 +217,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
|
||||
w.Write([]byte(`
|
||||
|
||||
<form method="GET">
|
||||
<input type="hidden" name="h" value="` + template.HTMLEscapeString(this.logBestSlug) + `">
|
||||
<input type="hidden" name="h" value="` + html.EscapeString(this.logBestSlug) + `">
|
||||
<select id="seldate" onchange="setYM(this);">
|
||||
`))
|
||||
|
||||
@ -235,7 +234,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
|
||||
lastY = ympair.Year
|
||||
}
|
||||
|
||||
w.Write([]byte(fmt.Sprintf(`<option value="%d-%d" %s>%s</option>`, ympair.Year, ympair.Month, attr(ympair.Equals(this.ym), "selected"), template.HTMLEscapeString(ympair.Month.String()))))
|
||||
w.Write([]byte(fmt.Sprintf(`<option value="%d-%d" %s>%s</option>`, ympair.Year, ympair.Month, attr(ympair.Equals(this.ym), "selected"), html.EscapeString(ympair.Month.String()))))
|
||||
}
|
||||
|
||||
//
|
||||
@ -285,8 +284,8 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
|
||||
|
||||
<span class="area-search">
|
||||
<form method="GET">
|
||||
<input type="hidden" name="h" value="` + template.HTMLEscapeString(this.logBestSlug) + `">
|
||||
<input type="text" id="searchbox" name="q" value="` + template.HTMLEscapeString(this.query) + `" placeholder="Search..." accesskey="m" title="Search (Alt+M)">
|
||||
<input type="hidden" name="h" value="` + html.EscapeString(this.logBestSlug) + `">
|
||||
<input type="text" id="searchbox" name="q" value="` + html.EscapeString(this.query) + `" placeholder="Search..." accesskey="m" title="Search (Alt+M)">
|
||||
<input type="submit" value="»">
|
||||
<input type="checkbox" class="layout-pushdown" name="rx" value="1" title="PCRE Regular Expression" ` + attr(this.queryIsRegex, "checked") + `>
|
||||
</form>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user