Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove incorrect and unnecessary Escape from templates #29394

Merged
merged 5 commits into from Feb 25, 2024
Merged

Remove incorrect and unnecessary Escape from templates #29394

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
02d8e75
fix
wxiaoguang Feb 25, 2024
3662ed1
rename Escape to HTMLEscape
wxiaoguang Feb 25, 2024
23fc8bd
Merge branch 'main' into refactor-escape
GiteaBot Feb 25, 2024
ecf56d4
Merge branch 'main' into refactor-escape
GiteaBot Feb 25, 2024
fe7844a
Merge branch 'main' into refactor-escape
GiteaBot Feb 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 2 additions & 2 deletions modules/templates/helper.go
View file
Open in desktop
Expand Up @@ -37,7 +37,7 @@ func NewFuncMap() template.FuncMap {
"Eval": Eval,
"SafeHTML": SafeHTML,
"HTMLFormat": HTMLFormat,
"Escape": Escape,
"HTMLEscape": HTMLEscape,
"QueryEscape": url.QueryEscape,
"JSEscape": JSEscapeSafe,
"Str2html": Str2html, // TODO: rename it to SanitizeHTML
Expand Down Expand Up @@ -218,7 +218,7 @@ func Str2html(s any) template.HTML {
panic(fmt.Sprintf("unexpected type %T", s))
}

func Escape(s any) template.HTML {
func HTMLEscape(s any) template.HTML {
switch v := s.(type) {
case string:
return template.HTML(html.EscapeString(v))
Expand Down
2 changes: 1 addition & 1 deletion templates/code/searchcombo.tmpl
View file
Open in desktop
Expand Up @@ -7,7 +7,7 @@
</div>
{{else if .SearchResults}}
<h3>
{{ctx.Locale.Tr "explore.code_search_results" (.Keyword|Escape)}}
{{ctx.Locale.Tr "explore.code_search_results" .Keyword}}
</h3>
{{template "code/searchresults" .}}
{{else if .Keyword}}
Expand Down
2 changes: 1 addition & 1 deletion templates/explore/repo_search.tmpl
View file
Open in desktop
Expand Up @@ -36,7 +36,7 @@
</div>
{{if and .PageIsExploreRepositories .OnlyShowRelevant}}
<div class="ui message explore-relevancy-note">
<span data-tooltip-content="{{ctx.Locale.Tr "explore.relevant_repositories_tooltip"}}">{{ctx.Locale.Tr "explore.relevant_repositories" ((printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))|Escape)}}</span>
<span data-tooltip-content="{{ctx.Locale.Tr "explore.relevant_repositories_tooltip"}}">{{ctx.Locale.Tr "explore.relevant_repositories" (printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))}}</span>
</div>
{{end}}
<div class="divider"></div>
2 changes: 1 addition & 1 deletion templates/mail/auth/register_notify.tmpl
View file
Open in desktop
Expand Up @@ -11,7 +11,7 @@
<p>{{.locale.Tr "mail.hi_user_x" (.DisplayName|DotEscape)}}</p><br>
<p>{{.locale.Tr "mail.register_notify.text_1" AppName}}</p><br>
<p>{{.locale.Tr "mail.register_notify.text_2" .Username}}</p><p><a href="{{AppUrl}}user/login">{{AppUrl}}user/login</a></p><br>
<p>{{.locale.Tr "mail.register_notify.text_3" ($set_pwd_url | Escape)}}</p><br>
<p>{{.locale.Tr "mail.register_notify.text_3" $set_pwd_url}}</p><br>

<p>© <a target="_blank" rel="noopener noreferrer" href="{{AppUrl}}">{{AppName}}</a></p>
</body>
Expand Down
18 changes: 9 additions & 9 deletions templates/mail/issue/default.tmpl
View file
Open in desktop
Expand Up @@ -36,26 +36,26 @@
{{end}}
<p>
{{if eq .ActionName "close"}}
{{.locale.Tr "mail.issue.action.close" (Escape .Doer.Name) .Issue.Index}}
{{.locale.Tr "mail.issue.action.close" .Doer.Name .Issue.Index}}
{{else if eq .ActionName "reopen"}}
{{.locale.Tr "mail.issue.action.reopen" (Escape .Doer.Name) .Issue.Index}}
{{.locale.Tr "mail.issue.action.reopen" .Doer.Name .Issue.Index}}
{{else if eq .ActionName "merge"}}
{{.locale.Tr "mail.issue.action.merge" (Escape .Doer.Name) .Issue.Index (Escape .Issue.PullRequest.BaseBranch)}}
{{.locale.Tr "mail.issue.action.merge" .Doer.Name .Issue.Index .Issue.PullRequest.BaseBranch}}
{{else if eq .ActionName "approve"}}
{{.locale.Tr "mail.issue.action.approve" (Escape .Doer.Name)}}
{{.locale.Tr "mail.issue.action.approve" .Doer.Name}}
{{else if eq .ActionName "reject"}}
{{.locale.Tr "mail.issue.action.reject" (Escape .Doer.Name)}}
{{.locale.Tr "mail.issue.action.reject" .Doer.Name}}
{{else if eq .ActionName "review"}}
{{.locale.Tr "mail.issue.action.review" (Escape .Doer.Name)}}
{{.locale.Tr "mail.issue.action.review" .Doer.Name}}
{{else if eq .ActionName "review_dismissed"}}
{{.locale.Tr "mail.issue.action.review_dismissed" (Escape .Doer.Name) (Escape .Comment.Review.Reviewer.Name)}}
{{.locale.Tr "mail.issue.action.review_dismissed" .Doer.Name .Comment.Review.Reviewer.Name}}
{{else if eq .ActionName "ready_for_review"}}
{{.locale.Tr "mail.issue.action.ready_for_review" (Escape .Doer.Name)}}
{{.locale.Tr "mail.issue.action.ready_for_review" .Doer.Name}}
{{end}}

{{- if eq .Body ""}}
{{if eq .ActionName "new"}}
{{.locale.Tr "mail.issue.action.new" (Escape .Doer.Name) .Issue.Index}}
{{.locale.Tr "mail.issue.action.new" .Doer.Name .Issue.Index}}
{{end}}
{{else}}
{{.Body | Str2html}}
Expand Down
4 changes: 2 additions & 2 deletions templates/package/shared/list.tmpl
View file
Open in desktop
Expand Up @@ -30,9 +30,9 @@
{{$hasRepositoryAccess = index $.RepositoryAccessMap .Repository.ID}}
{{end}}
{{if $hasRepositoryAccess}}
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape) .Repository.Link (.Repository.FullName | Escape)}}
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink .Creator.GetDisplayName .Repository.Link .Repository.FullName}}
{{else}}
{{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape)}}
{{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink .Creator.GetDisplayName}}
{{end}}
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion templates/package/shared/versionlist.tmpl
View file
Open in desktop
Expand Up @@ -25,7 +25,7 @@
<div class="flex-item-main">
<a class="flex-item-title" href="{{.FullWebLink}}">{{.Version.LowerVersion}}</a>
<div class="flex-item-body">
{{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink (.Creator.GetDisplayName | Escape)}}
{{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink .Creator.GetDisplayName}}
</div>
</div>
</div>
Expand Down
4 changes: 2 additions & 2 deletions templates/package/view.tmpl
View file
Open in desktop
Expand Up @@ -10,9 +10,9 @@
<div>
{{$timeStr := TimeSinceUnix .PackageDescriptor.Version.CreatedUnix ctx.Locale}}
{{if .HasRepositoryAccess}}
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape) .PackageDescriptor.Repository.Link (.PackageDescriptor.Repository.FullName | Escape)}}
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName .PackageDescriptor.Repository.Link .PackageDescriptor.Repository.FullName}}
{{else}}
{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape)}}
{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName}}
{{end}}
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion templates/repo/code/recently_pushed_new_branches.tmpl
View file
Open in desktop
Expand Up @@ -2,7 +2,7 @@
<div class="ui positive message gt-df gt-ac">
<div class="gt-f1">
{{$timeSince := TimeSince .CommitTime.AsTime ctx.Locale}}
{{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" (Escape .Name) $timeSince}}
{{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" .Name $timeSince}}
</div>
<a role="button" class="ui compact positive button gt-m-0" href="{{$.Repository.ComposeBranchCompareURL $.Repository.BaseRepo .Name}}">
{{ctx.Locale.Tr "repo.pulls.compare_changes"}}
Expand Down
2 changes: 1 addition & 1 deletion templates/repo/create_helper.tmpl
View file
Open in desktop
@@ -1,3 +1,3 @@
{{if not $.DisableMigrations}}
<p class="ui center">{{ctx.Locale.Tr "repo.new_repo_helper" ((print AppSubUrl "/repo/migrate")|Escape)}}</p>
<p class="ui center">{{ctx.Locale.Tr "repo.new_repo_helper" (print AppSubUrl "/repo/migrate")}}</p>
{{end}}
6 changes: 3 additions & 3 deletions templates/repo/diff/comments.tmpl
View file
Open in desktop
Expand Up @@ -16,17 +16,17 @@
{{.OriginalAuthor}}
</span>
<span class="text grey muted-links">
{{ctx.Locale.Tr "repo.issues.commented_at" (.HashTag|Escape) $createdStr}}
{{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}}
</span>
<span class="text migrate">
{{if $.root.Repository.OriginalURL}}
({{ctx.Locale.Tr "repo.migrated_from" ($.root.Repository.OriginalURL | Escape) ($.root.Repository.GetOriginalURLHostname | Escape)}})
({{ctx.Locale.Tr "repo.migrated_from" $.root.Repository.OriginalURL $.root.Repository.GetOriginalURLHostname}})
{{end}}
</span>
{{else}}
<span class="text grey muted-links">
{{template "shared/user/namelink" .Poster}}
{{ctx.Locale.Tr "repo.issues.commented_at" (.HashTag|Escape) $createdStr}}
{{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}}
</span>
{{end}}
</div>
Expand Down
8 changes: 4 additions & 4 deletions templates/repo/diff/compare.tmpl
View file
Open in desktop
Expand Up @@ -194,19 +194,19 @@
{{if .HasPullRequest}}
<div class="ui segment grid title">
<div class="twelve wide column issue-title">
{{ctx.Locale.Tr "repo.pulls.has_pull_request" (print (Escape $.RepoLink) "/pulls/" .PullRequest.Issue.Index) (Escape $.RepoRelPath) .PullRequest.Index}}
{{ctx.Locale.Tr "repo.pulls.has_pull_request" (print $.RepoLink "/pulls/" .PullRequest.Issue.Index) $.RepoRelPath .PullRequest.Index}}
<h1>
<span id="issue-title">{{RenderIssueTitle $.Context .PullRequest.Issue.Title ($.Repository.ComposeMetas ctx)}}</span>
<span class="index">#{{.PullRequest.Issue.Index}}</span>
</h1>
</div>
<div class="four wide column middle aligned text right">
{{- if .PullRequest.HasMerged -}}
<a href="{{Escape $.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button purple show-form">{{svg "octicon-git-merge" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button purple show-form">{{svg "octicon-git-merge" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
{{else if .Issue.IsClosed}}
<a href="{{Escape $.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button red show-form">{{svg "octicon-issue-closed" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button red show-form">{{svg "octicon-issue-closed" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
{{else}}
<a href="{{Escape $.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button primary show-form">{{svg "octicon-git-pull-request" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui button primary show-form">{{svg "octicon-git-pull-request" 16}} {{ctx.Locale.Tr "repo.pulls.view"}}</a>
{{end}}
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion templates/repo/editor/commit_form.tmpl
View file
Open in desktop
Expand Up @@ -26,7 +26,7 @@
<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" button_text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "direct"}}checked{{end}}>
<label>
{{svg "octicon-git-commit"}}
{{ctx.Locale.Tr "repo.editor.commit_directly_to_this_branch" (.BranchName|Escape)}}
{{ctx.Locale.Tr "repo.editor.commit_directly_to_this_branch" .BranchName}}
{{if not .CanCommitToBranch.CanCommitToBranch}}
<div class="ui visible small warning message">
{{ctx.Locale.Tr "repo.editor.no_commit_to_branch"}}
Expand Down
6 changes: 3 additions & 3 deletions templates/repo/issue/card.tmpl
View file
Open in desktop
Expand Up @@ -23,11 +23,11 @@
{{if not $.Page.Repository}}{{.Repo.FullName}}{{end}}#{{.Index}}
{{$timeStr := TimeSinceUnix .GetLastEventTimestamp ctx.Locale}}
{{if .OriginalAuthor}}
{{ctx.Locale.Tr .GetLastEventLabelFake $timeStr (.OriginalAuthor|Escape)}}
{{ctx.Locale.Tr .GetLastEventLabelFake $timeStr .OriginalAuthor}}
{{else if gt .Poster.ID 0}}
{{ctx.Locale.Tr .GetLastEventLabel $timeStr (.Poster.HomeLink|Escape) (.Poster.GetDisplayName | Escape)}}
{{ctx.Locale.Tr .GetLastEventLabel $timeStr .Poster.HomeLink .Poster.GetDisplayName}}
{{else}}
{{ctx.Locale.Tr .GetLastEventLabelFake $timeStr (.Poster.GetDisplayName | Escape)}}
{{ctx.Locale.Tr .GetLastEventLabelFake $timeStr .Poster.GetDisplayName}}
{{end}}
</span>
</div>
Expand Down
2 changes: 1 addition & 1 deletion templates/repo/issue/new_form.tmpl
View file
Open in desktop
Expand Up @@ -13,7 +13,7 @@
<div class="field">
<input name="title" id="issue_title" placeholder="{{ctx.Locale.Tr "repo.milestones.title"}}" value="{{if .TitleQuery}}{{.TitleQuery}}{{else if .IssueTemplateTitle}}{{.IssueTemplateTitle}}{{else}}{{.title}}{{end}}" autofocus required maxlength="255" autocomplete="off">
{{if .PageIsComparePull}}
<div class="title_wip_desc" data-wip-prefixes="{{JsonUtils.EncodeToString .PullRequestWorkInProgressPrefixes}}">{{ctx.Locale.Tr "repo.pulls.title_wip_desc" (index .PullRequestWorkInProgressPrefixes 0| Escape)}}</div>
<div class="title_wip_desc" data-wip-prefixes="{{JsonUtils.EncodeToString .PullRequestWorkInProgressPrefixes}}">{{ctx.Locale.Tr "repo.pulls.title_wip_desc" (index .PullRequestWorkInProgressPrefixes 0)}}</div>
{{end}}
</div>
{{if .Fields}}
Expand Down
8 changes: 4 additions & 4 deletions templates/repo/issue/view_content.tmpl
View file
Open in desktop
Expand Up @@ -28,18 +28,18 @@
{{.Issue.OriginalAuthor}}
</span>
<span class="text grey muted-links">
{{ctx.Locale.Tr "repo.issues.commented_at" (.Issue.HashTag|Escape) $createdStr}}
{{ctx.Locale.Tr "repo.issues.commented_at" .Issue.HashTag $createdStr}}
</span>
<span class="text migrate">
{{if .Repository.OriginalURL}} ({{ctx.Locale.Tr "repo.migrated_from" (.Repository.OriginalURL|Escape) (.Repository.GetOriginalURLHostname|Escape)}}){{end}}
{{if .Repository.OriginalURL}} ({{ctx.Locale.Tr "repo.migrated_from" .Repository.OriginalURL .Repository.GetOriginalURLHostname}}){{end}}
</span>
{{else}}
<a class="inline-timeline-avatar" href="{{.Issue.Poster.HomeLink}}">
{{ctx.AvatarUtils.Avatar .Issue.Poster 24}}
</a>
<span class="text grey muted-links">
{{template "shared/user/authorlink" .Issue.Poster}}
{{ctx.Locale.Tr "repo.issues.commented_at" (.Issue.HashTag|Escape) $createdStr}}
{{ctx.Locale.Tr "repo.issues.commented_at" .Issue.HashTag $createdStr}}
</span>
{{end}}
</div>
Expand Down Expand Up @@ -133,7 +133,7 @@
</div>
{{else}}
<div class="ui warning message">
{{ctx.Locale.Tr "repo.issues.sign_in_require_desc" (.SignInLink|Escape)}}
{{ctx.Locale.Tr "repo.issues.sign_in_require_desc" .SignInLink}}
</div>
{{end}}
{{end}}{{/* end if: .IsSigned */}}
Expand Down