standardise html-escaping functions

mappu 2017-12-10 12:08:22 +13:00
parent 693f541934
commit 8a452c0fa6


@ -4,7 +4,6 @@ import (
"bufio" "bufio"
"fmt" "fmt"
"html" "html"
"html/template"
"io/ioutil" "io/ioutil"
"math" "math"
"net/http" "net/http"
@ -74,7 +73,7 @@ func (this *ArchiveState) renderView(w http.ResponseWriter) {
output := "" output := ""
for i := startLine; i < endLine; i += 1 { for i := startLine; i < endLine; i += 1 {
output += template.HTMLEscapeString(lines[i]) + "<br>\n" output += html.EscapeString(lines[i]) + "<br>\n"
} }
this.renderTemplate(w, []byte(output)) this.renderTemplate(w, []byte(output))
@ -132,7 +131,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
lineNo := i % this.svr.cfg.LinesPerPage lineNo := i % this.svr.cfg.LinesPerPage
url := fmt.Sprintf(`/%s/%d/%d/page-%d#line-%d`, this.logBestSlug, ympair.Year, ympair.Month, page, lineNo) url := fmt.Sprintf(`/%s/%d/%d/page-%d#line-%d`, this.logBestSlug, ympair.Year, ympair.Month, page, lineNo)
w.Write([]byte(`<li><a href="` + template.HTMLEscapeString(url) + `">&raquo;</a> ` + template.HTMLEscapeString(scanner.Text()) + `</li>`)) w.Write([]byte(`<li><a href="` + html.EscapeString(url) + `">&raquo;</a> ` + html.EscapeString(scanner.Text()) + `</li>`))
} }
}() }()
@ -141,7 +140,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
w.Write([]byte(`</ul>`)) w.Write([]byte(`</ul>`))
if totalResults == 0 { if totalResults == 0 {
w.Write([]byte(`No search results for &quot;<em>` + template.HTMLEscapeString(this.query) + `</em>&quot;`)) w.Write([]byte(`No search results for &quot;<em>` + html.EscapeString(this.query) + `</em>&quot;`))
} else { } else {
w.Write([]byte(`<br><em>Found ` + fmt.Sprintf("%d", totalResults) + ` total result(s).</em><br><br>`)) w.Write([]byte(`<br><em>Found ` + fmt.Sprintf("%d", totalResults) + ` total result(s).</em><br><br>`))
} }
@ -151,7 +150,7 @@ func (this *ArchiveState) renderSearch(w http.ResponseWriter) {
// renderError renders a plain text string, escaping it for HTML use. // renderError renders a plain text string, escaping it for HTML use.
func (this *ArchiveState) renderError(w http.ResponseWriter, msg string) { func (this *ArchiveState) renderError(w http.ResponseWriter, msg string) {
this.renderTemplate(w, []byte(template.HTMLEscapeString(msg))) this.renderTemplate(w, []byte(html.EscapeString(msg)))
} }
func (this *ArchiveState) renderTemplate(w http.ResponseWriter, body []byte) { func (this *ArchiveState) renderTemplate(w http.ResponseWriter, body []byte) {
@ -177,7 +176,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>` + template.HTMLEscapeString(title) + `</title> <title>` + html.EscapeString(title) + `</title>
<link rel="stylesheet" type="text/css" href="/style.css"> <link rel="stylesheet" type="text/css" href="/style.css">
</head> </head>
<body> <body>
@ -206,7 +205,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
slug, _ := this.svr.bestSlugFor(&this.svr.cfg.Logs[i]) slug, _ := this.svr.bestSlugFor(&this.svr.cfg.Logs[i])
current := (this.log == &this.svr.cfg.Logs[i]) current := (this.log == &this.svr.cfg.Logs[i])
w.Write([]byte(`<option value="` + template.HTMLEscapeString(slug) + `" ` + attr(current, "selected") + `>` + template.HTMLEscapeString(h.Description) + `</option>`)) w.Write([]byte(`<option value="` + html.EscapeString(slug) + `" ` + attr(current, "selected") + `>` + html.EscapeString(h.Description) + `</option>`))
} }
w.Write([]byte(` w.Write([]byte(`
@ -218,7 +217,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
w.Write([]byte(` w.Write([]byte(`
<form method="GET"> <form method="GET">
<input type="hidden" name="h" value="` + template.HTMLEscapeString(this.logBestSlug) + `"> <input type="hidden" name="h" value="` + html.EscapeString(this.logBestSlug) + `">
<select id="seldate" onchange="setYM(this);"> <select id="seldate" onchange="setYM(this);">
`)) `))
@ -235,7 +234,7 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
lastY = ympair.Year lastY = ympair.Year
} }
w.Write([]byte(fmt.Sprintf(`<option value="%d-%d" %s>%s</option>`, ympair.Year, ympair.Month, attr(ympair.Equals(this.ym), "selected"), template.HTMLEscapeString(ympair.Month.String())))) w.Write([]byte(fmt.Sprintf(`<option value="%d-%d" %s>%s</option>`, ympair.Year, ympair.Month, attr(ympair.Equals(this.ym), "selected"), html.EscapeString(ympair.Month.String()))))
} }
// //
@ -285,8 +284,8 @@ func (this *ArchiveState) renderTemplateHead(w http.ResponseWriter) {
<span class="area-search"> <span class="area-search">
<form method="GET"> <form method="GET">
<input type="hidden" name="h" value="` + template.HTMLEscapeString(this.logBestSlug) + `"> <input type="hidden" name="h" value="` + html.EscapeString(this.logBestSlug) + `">
<input type="text" id="searchbox" name="q" value="` + template.HTMLEscapeString(this.query) + `" placeholder="Search..." accesskey="m" title="Search (Alt+M)"> <input type="text" id="searchbox" name="q" value="` + html.EscapeString(this.query) + `" placeholder="Search..." accesskey="m" title="Search (Alt+M)">
<input type="submit" value="&raquo;"> <input type="submit" value="&raquo;">
<input type="checkbox" class="layout-pushdown" name="rx" value="1" title="PCRE Regular Expression" ` + attr(this.queryIsRegex, "checked") + `> <input type="checkbox" class="layout-pushdown" name="rx" value="1" title="PCRE Regular Expression" ` + attr(this.queryIsRegex, "checked") + `>
</form> </form>
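Review bot: The swap is not fully behaviour-preserving for the log text escaped in renderView (`lines[i]`) and renderSearch (`scanner.Text()`). In current Go, `template.HTMLEscapeString` also rewrites NUL bytes to U+FFFD, whereas `html.EscapeString` only handles `<`, `>`, `&`, `'` and `"`, so a NUL in a log line now reaches the response unchanged. If the archived logs can contain NULs, normalise them before escaping, for example `strings.Replace(lines[i], "\x00", "\uFFFD", -1)` (this needs `strings` in the import block, which is only partly visible here). Every interpolation in these hunks lands in element content or a double-quoted attribute, where the five-character escape is sufficient, so a comment such as `// html.EscapeString is only safe for element content and quoted attribute values, not URLs, unquoted attributes or script.` would keep later call sites honest. The bodies of renderView, renderSearch and renderTemplateHead extend outside the hunks shown.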