From e515d730526a25f53101f8e1a4e55380d5c912c7 Mon Sep 17 00:00:00 2001 From: mappu Date: Sun, 13 Aug 2017 17:51:44 +1200 Subject: [PATCH] use PathEscape instead of QueryEscape for titles in URLs --- WikiServer.go | 12 ++++++------ bbcode.go | 4 ++-- rArchive.go | 2 +- rErrors.go | 6 +++--- rHistory.go | 2 +- rIndex.go | 2 +- rModify.go | 2 +- rRSS.go | 2 +- rRecentChanges.go | 2 +- rView.go | 4 +++- 10 files changed, 20 insertions(+), 18 deletions(-) diff --git a/WikiServer.go b/WikiServer.go index acf8e92..2c0eba6 100644 --- a/WikiServer.go +++ b/WikiServer.go @@ -128,7 +128,7 @@ func (this *WikiServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } else if remainingPath == "" { - this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.QueryEscape(this.opts.DefaultPage)) + this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.PathEscape(this.opts.DefaultPage)) return } else if remainingPath == "random" { @@ -139,11 +139,11 @@ func (this *WikiServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { } chosenArticle := titles[rand.Intn(len(titles))] - this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.QueryEscape(chosenArticle)) + this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.PathEscape(chosenArticle)) return } else if strings.HasPrefix(remainingPath, "view/") { - articleTitle, err := url.QueryUnescape(remainingPath[len("view/"):]) + articleTitle, err := url.PathUnescape(remainingPath[len("view/"):]) if err != nil { this.serveErrorMessage(w, err) return @@ -152,7 +152,7 @@ func (this *WikiServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } else if strings.HasPrefix(remainingPath, "modify/") { - articleTitle, err := url.QueryUnescape(remainingPath[len("modify/"):]) + articleTitle, err := url.PathUnescape(remainingPath[len("modify/"):]) if err != nil { this.serveErrorMessage(w, err) return @@ -161,7 +161,7 @@ func (this *WikiServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } else if strings.HasPrefix(remainingPath, "history/") { - articleTitle, err := url.QueryUnescape(remainingPath[len("history/"):]) + articleTitle, err := url.PathUnescape(remainingPath[len("history/"):]) if err != nil { this.serveErrorMessage(w, err) return @@ -261,7 +261,7 @@ func (this *WikiServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } - this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.QueryEscape(title)) + this.serveRedirect(w, this.opts.ExpectBaseURL+`view/`+url.PathEscape(title)) return } diff --git a/bbcode.go b/bbcode.go index f0c7658..e7f1dc8 100644 --- a/bbcode.go +++ b/bbcode.go @@ -45,10 +45,10 @@ func (this *BBCodeRenderer) bbcode(data string) string { pregReplaceRule{regexp.MustCompile(`(?si)\[\*\]`), `
  • `, nil}, pregReplaceRule{regexp.MustCompile(`(?si)\[url=(.*?)\](.*?)\[/url\]`), `$2`, nil}, pregReplaceRule{regexp.MustCompile(`(?si)\[article=(.*?)\](.*?)\[/article\]`), "", func(m []string) string { - return `` + m[2] + `` + return `` + m[2] + `` }}, pregReplaceRule{regexp.MustCompile(`(?si)\[rev=(.*?)\](.*?)\[/rev\]`), "", func(m []string) string { - return `` + m[2] + `` + return `` + m[2] + `` }}, pregReplaceRule{regexp.MustCompile(`(?si)\[imgur\](.*?)\.(...)\[/imgur\]`), diff --git a/rArchive.go b/rArchive.go index 756e0b1..c3a26e6 100644 --- a/rArchive.go +++ b/rArchive.go @@ -30,7 +30,7 @@ func (this *WikiServer) routeArchive(w http.ResponseWriter, r *http.Request, rev `
    `+ `You are viewing specific revision of this page, last modified `+ time.Unix(a.Modified, 0).In(this.loc).Format(this.opts.DateFormat)+`. `+ - `Click here to see the latest revision.`+ + `Click here to see the latest revision.`+ `
    `, ) + bcr.RenderHTML(string(a.Body)) pto.LoadCodeResources = bcr.CodePresent diff --git a/rErrors.go b/rErrors.go index ce9a259..7bde339 100644 --- a/rErrors.go +++ b/rErrors.go @@ -9,7 +9,7 @@ import ( ) func (this *WikiServer) noSuchArticleError(title string) template.HTML { - return template.HTML(`No such article exists. Click here to create it.`) + return template.HTML(`No such article exists. Click here to create it.`) } func (this *WikiServer) serveErrorMessage(w http.ResponseWriter, message error) { @@ -22,7 +22,7 @@ func (this *WikiServer) serveInternalError(w http.ResponseWriter, r *http.Reques } func (this *WikiServer) serveErrorHTMLMessage(w http.ResponseWriter, msg template.HTML) { - this.serveRedirect(w, this.opts.ExpectBaseURL+"view/"+url.QueryEscape(this.opts.DefaultPage)+"?error="+url.QueryEscape(string(msg))) + this.serveRedirect(w, this.opts.ExpectBaseURL+"view/"+url.PathEscape(this.opts.DefaultPage)+"?error="+url.QueryEscape(string(msg))) } func (this *WikiServer) serveRedirect(w http.ResponseWriter, location string) { @@ -46,5 +46,5 @@ func (this *WikiServer) formatTimestamp(m int64) string { } func (this *WikiServer) viewLink(articleTitle string) template.HTML { - return template.HTML(`"` + template.HTMLEscapeString(articleTitle) + `"`) + return template.HTML(`"` + template.HTMLEscapeString(articleTitle) + `"`) } diff --git a/rHistory.go b/rHistory.go index fb6fa5e..b3684f9 100644 --- a/rHistory.go +++ b/rHistory.go @@ -25,7 +25,7 @@ func (this *WikiServer) routeHistory(w http.ResponseWriter, r *http.Request, art pto.CurrentPageIsArticle = true content := `

    Page History


    ` + - `There have been ` + fmt.Sprintf("%d", len(revs)) + ` edits to the page "` + template.HTMLEscapeString(articleTitle) + `".` + + `There have been ` + fmt.Sprintf("%d", len(revs)) + ` edits to the page "` + template.HTMLEscapeString(articleTitle) + `".` + `

    ` + `
    ` + `` diff --git a/rIndex.go b/rIndex.go index b8a4200..5216f37 100644 --- a/rIndex.go +++ b/rIndex.go @@ -22,7 +22,7 @@ func (this *WikiServer) routeIndex(w http.ResponseWriter, r *http.Request) { content := fmt.Sprintf(`

    Article Index


    There are %d edits to %d pages.

    ` diff --git a/rModify.go b/rModify.go index 6c013a0..ba791c1 100644 --- a/rModify.go +++ b/rModify.go @@ -32,7 +32,7 @@ func (this *WikiServer) routeModify(w http.ResponseWriter, r *http.Request, arti pageTitleHTML = `Creating new article` baseRev = 0 } else { - pageTitleHTML = `Editing article "` + template.HTMLEscapeString(articleTitle) + `"` + pageTitleHTML = `Editing article "` + template.HTMLEscapeString(articleTitle) + `"` baseRev = a.ID existingBody = string(a.Body) } diff --git a/rRSS.go b/rRSS.go index 6b35141..34df2dd 100644 --- a/rRSS.go +++ b/rRSS.go @@ -33,7 +33,7 @@ func (this *WikiServer) routeRecentChangesRSS(w http.ResponseWriter, r *http.Req ` + template.HTMLEscapeString(this.opts.DeclareRSSEmail+` (`+this.opts.PageTitle+` `+a.Author+`)`) + `` + template.HTMLEscapeString(time.Unix(a.Modified, 0).In(this.loc).Format(time.RFC1123Z)) + `` + template.HTMLEscapeString(` - latest version + latest version | revision `+fmt.Sprintf("%d", a.ID)+` | diff --git a/rRecentChanges.go b/rRecentChanges.go index 037b556..fe90ea5 100644 --- a/rRecentChanges.go +++ b/rRecentChanges.go @@ -41,7 +41,7 @@ func (this *WikiServer) routeRecentChanges(w http.ResponseWriter, r *http.Reques `
    ` for _, rev := range recents { content += `` + - `` + `` + diff --git a/rView.go b/rView.go index 4eed7c3..235e331 100644 --- a/rView.go +++ b/rView.go @@ -2,11 +2,13 @@ package yatwiki import ( "database/sql" + "fmt" "net/http" "net/url" ) func (this *WikiServer) routeView(w http.ResponseWriter, r *http.Request, articleTitle string) { + fmt.Printf("%#v\n", articleTitle) a, err := this.db.GetLatestVersion(articleTitle) if err != nil { @@ -15,7 +17,7 @@ func (this *WikiServer) routeView(w http.ResponseWriter, r *http.Request, articl // If this was an old link, it might not be present. // Redirect if possible if len(articleTitle) > 0 && articleTitle[len(articleTitle)-1] == '/' { - this.serveRedirect(w, this.opts.ExpectBaseURL+"view/"+url.QueryEscape(articleTitle[0:len(articleTitle)-1])) + this.serveRedirect(w, this.opts.ExpectBaseURL+"view/"+url.PathEscape(articleTitle[0:len(articleTitle)-1])) return }
    ` + template.HTMLEscapeString(rev.Title) + `` + + `` + template.HTMLEscapeString(rev.Title) + `` + ` [a]` + `` + this.formatTimestamp(rev.Modified) + ` by ` + template.HTMLEscapeString(rev.Author) + `