From d2f6588b66549b33adf8bac7044d03c89d668470 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Sun, 25 Feb 2024 22:02:20 +0800 Subject: [PATCH] Remove incorrect and unnecessary Escape from templates (#29394) Follow #29165 * some of them are incorrect, which would lead to double escaping (eg: `(print (Escape $.RepoLink)`) * other of them are not necessary, because `Tr` handles strings&HTML automatically Suggest to review by "unified view": https://github.com/go-gitea/gitea/pull/29394/files?diff=unified&w=0 --- modules/templates/helper.go | 4 +- templates/code/searchcombo.tmpl | 2 +- templates/explore/repo_search.tmpl | 2 +- templates/mail/auth/register_notify.tmpl | 2 +- templates/mail/issue/default.tmpl | 18 +++---- templates/package/shared/list.tmpl | 4 +- templates/package/shared/versionlist.tmpl | 2 +- templates/package/view.tmpl | 4 +- .../code/recently_pushed_new_branches.tmpl | 2 +- templates/repo/create_helper.tmpl | 2 +- templates/repo/diff/comments.tmpl | 6 +-- templates/repo/diff/compare.tmpl | 8 ++-- templates/repo/editor/commit_form.tmpl | 2 +- templates/repo/issue/card.tmpl | 6 +-- templates/repo/issue/new_form.tmpl | 2 +- templates/repo/issue/view_content.tmpl | 8 ++-- .../repo/issue/view_content/comments.tmpl | 38 +++++++-------- .../repo/issue/view_content/conversation.tmpl | 2 +- templates/repo/issue/view_content/pull.tmpl | 4 +- .../repo/issue/view_content/sidebar.tmpl | 8 ++-- templates/repo/issue/view_title.tmpl | 6 +-- templates/repo/search.tmpl | 2 +- templates/repo/settings/protected_branch.tmpl | 2 +- templates/repo/wiki/view.tmpl | 2 +- templates/shared/issuelist.tmpl | 6 +-- templates/user/auth/activate.tmpl | 6 +-- templates/user/auth/forgot_passwd.tmpl | 2 +- templates/user/dashboard/feeds.tmpl | 48 +++++++++---------- 28 files changed, 100 insertions(+), 100 deletions(-) diff --git a/modules/templates/helper.go b/modules/templates/helper.go index 5679487498..0f39767586 100644 --- a/modules/templates/helper.go +++ b/modules/templates/helper.go @@ -37,7 +37,7 @@ func NewFuncMap() template.FuncMap { "Eval": Eval, "SafeHTML": SafeHTML, "HTMLFormat": HTMLFormat, - "Escape": Escape, + "HTMLEscape": HTMLEscape, "QueryEscape": url.QueryEscape, "JSEscape": JSEscapeSafe, "Str2html": Str2html, // TODO: rename it to SanitizeHTML @@ -218,7 +218,7 @@ func Str2html(s any) template.HTML { panic(fmt.Sprintf("unexpected type %T", s)) } -func Escape(s any) template.HTML { +func HTMLEscape(s any) template.HTML { switch v := s.(type) { case string: return template.HTML(html.EscapeString(v)) diff --git a/templates/code/searchcombo.tmpl b/templates/code/searchcombo.tmpl index d256890918..d451bc0ad8 100644 --- a/templates/code/searchcombo.tmpl +++ b/templates/code/searchcombo.tmpl @@ -7,7 +7,7 @@ {{else if .SearchResults}}

- {{ctx.Locale.Tr "explore.code_search_results" (.Keyword|Escape)}} + {{ctx.Locale.Tr "explore.code_search_results" .Keyword}}

{{template "code/searchresults" .}} {{else if .Keyword}} diff --git a/templates/explore/repo_search.tmpl b/templates/explore/repo_search.tmpl index 7ae4a4ed6f..e268670e93 100644 --- a/templates/explore/repo_search.tmpl +++ b/templates/explore/repo_search.tmpl @@ -36,7 +36,7 @@ {{if and .PageIsExploreRepositories .OnlyShowRelevant}}
- {{ctx.Locale.Tr "explore.relevant_repositories" ((printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))|Escape)}} + {{ctx.Locale.Tr "explore.relevant_repositories" (printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))}}
{{end}}
diff --git a/templates/mail/auth/register_notify.tmpl b/templates/mail/auth/register_notify.tmpl index ec3e09dd5f..62dbf7d927 100644 --- a/templates/mail/auth/register_notify.tmpl +++ b/templates/mail/auth/register_notify.tmpl @@ -11,7 +11,7 @@

{{.locale.Tr "mail.hi_user_x" (.DisplayName|DotEscape)}}


{{.locale.Tr "mail.register_notify.text_1" AppName}}


{{.locale.Tr "mail.register_notify.text_2" .Username}}

{{AppUrl}}user/login


-

{{.locale.Tr "mail.register_notify.text_3" ($set_pwd_url | Escape)}}


+

{{.locale.Tr "mail.register_notify.text_3" $set_pwd_url}}


© {{AppName}}

diff --git a/templates/mail/issue/default.tmpl b/templates/mail/issue/default.tmpl index c48797d827..79dbe897cc 100644 --- a/templates/mail/issue/default.tmpl +++ b/templates/mail/issue/default.tmpl @@ -36,26 +36,26 @@ {{end}}

{{if eq .ActionName "close"}} - {{.locale.Tr "mail.issue.action.close" (Escape .Doer.Name) .Issue.Index}} + {{.locale.Tr "mail.issue.action.close" .Doer.Name .Issue.Index}} {{else if eq .ActionName "reopen"}} - {{.locale.Tr "mail.issue.action.reopen" (Escape .Doer.Name) .Issue.Index}} + {{.locale.Tr "mail.issue.action.reopen" .Doer.Name .Issue.Index}} {{else if eq .ActionName "merge"}} - {{.locale.Tr "mail.issue.action.merge" (Escape .Doer.Name) .Issue.Index (Escape .Issue.PullRequest.BaseBranch)}} + {{.locale.Tr "mail.issue.action.merge" .Doer.Name .Issue.Index .Issue.PullRequest.BaseBranch}} {{else if eq .ActionName "approve"}} - {{.locale.Tr "mail.issue.action.approve" (Escape .Doer.Name)}} + {{.locale.Tr "mail.issue.action.approve" .Doer.Name}} {{else if eq .ActionName "reject"}} - {{.locale.Tr "mail.issue.action.reject" (Escape .Doer.Name)}} + {{.locale.Tr "mail.issue.action.reject" .Doer.Name}} {{else if eq .ActionName "review"}} - {{.locale.Tr "mail.issue.action.review" (Escape .Doer.Name)}} + {{.locale.Tr "mail.issue.action.review" .Doer.Name}} {{else if eq .ActionName "review_dismissed"}} - {{.locale.Tr "mail.issue.action.review_dismissed" (Escape .Doer.Name) (Escape .Comment.Review.Reviewer.Name)}} + {{.locale.Tr "mail.issue.action.review_dismissed" .Doer.Name .Comment.Review.Reviewer.Name}} {{else if eq .ActionName "ready_for_review"}} - {{.locale.Tr "mail.issue.action.ready_for_review" (Escape .Doer.Name)}} + {{.locale.Tr "mail.issue.action.ready_for_review" .Doer.Name}} {{end}} {{- if eq .Body ""}} {{if eq .ActionName "new"}} - {{.locale.Tr "mail.issue.action.new" (Escape .Doer.Name) .Issue.Index}} + {{.locale.Tr "mail.issue.action.new" .Doer.Name .Issue.Index}} {{end}} {{else}} {{.Body | Str2html}} diff --git a/templates/package/shared/list.tmpl b/templates/package/shared/list.tmpl index 8c8b113c97..51e080f495 100644 --- a/templates/package/shared/list.tmpl +++ b/templates/package/shared/list.tmpl @@ -30,9 +30,9 @@ {{$hasRepositoryAccess = index $.RepositoryAccessMap .Repository.ID}} {{end}} {{if $hasRepositoryAccess}} - {{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape) .Repository.Link (.Repository.FullName | Escape)}} + {{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink .Creator.GetDisplayName .Repository.Link .Repository.FullName}} {{else}} - {{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape)}} + {{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink .Creator.GetDisplayName}} {{end}} diff --git a/templates/package/shared/versionlist.tmpl b/templates/package/shared/versionlist.tmpl index 4b22dc22b2..eee952c096 100644 --- a/templates/package/shared/versionlist.tmpl +++ b/templates/package/shared/versionlist.tmpl @@ -25,7 +25,7 @@

{{.Version.LowerVersion}}
- {{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink (.Creator.GetDisplayName | Escape)}} + {{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink .Creator.GetDisplayName}}
diff --git a/templates/package/view.tmpl b/templates/package/view.tmpl index 65502a6e4d..0fa23d67fd 100644 --- a/templates/package/view.tmpl +++ b/templates/package/view.tmpl @@ -10,9 +10,9 @@
{{$timeStr := TimeSinceUnix .PackageDescriptor.Version.CreatedUnix ctx.Locale}} {{if .HasRepositoryAccess}} - {{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape) .PackageDescriptor.Repository.Link (.PackageDescriptor.Repository.FullName | Escape)}} + {{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName .PackageDescriptor.Repository.Link .PackageDescriptor.Repository.FullName}} {{else}} - {{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape)}} + {{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName}} {{end}}
diff --git a/templates/repo/code/recently_pushed_new_branches.tmpl b/templates/repo/code/recently_pushed_new_branches.tmpl index 73c9c45178..fedba06fad 100644 --- a/templates/repo/code/recently_pushed_new_branches.tmpl +++ b/templates/repo/code/recently_pushed_new_branches.tmpl @@ -2,7 +2,7 @@
{{$timeSince := TimeSince .CommitTime.AsTime ctx.Locale}} - {{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" (Escape .Name) $timeSince}} + {{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" .Name $timeSince}}
{{ctx.Locale.Tr "repo.pulls.compare_changes"}} diff --git a/templates/repo/create_helper.tmpl b/templates/repo/create_helper.tmpl index 6ca691592c..70c28b72e8 100644 --- a/templates/repo/create_helper.tmpl +++ b/templates/repo/create_helper.tmpl @@ -1,3 +1,3 @@ {{if not $.DisableMigrations}} -

{{ctx.Locale.Tr "repo.new_repo_helper" ((print AppSubUrl "/repo/migrate")|Escape)}}

+

{{ctx.Locale.Tr "repo.new_repo_helper" (print AppSubUrl "/repo/migrate")}}

{{end}} diff --git a/templates/repo/diff/comments.tmpl b/templates/repo/diff/comments.tmpl index b795074e49..e567417fa6 100644 --- a/templates/repo/diff/comments.tmpl +++ b/templates/repo/diff/comments.tmpl @@ -16,17 +16,17 @@ {{.OriginalAuthor}} - {{ctx.Locale.Tr "repo.issues.commented_at" (.HashTag|Escape) $createdStr}} + {{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}} {{if $.root.Repository.OriginalURL}} - ({{ctx.Locale.Tr "repo.migrated_from" ($.root.Repository.OriginalURL | Escape) ($.root.Repository.GetOriginalURLHostname | Escape)}}) + ({{ctx.Locale.Tr "repo.migrated_from" $.root.Repository.OriginalURL $.root.Repository.GetOriginalURLHostname}}) {{end}} {{else}} {{template "shared/user/namelink" .Poster}} - {{ctx.Locale.Tr "repo.issues.commented_at" (.HashTag|Escape) $createdStr}} + {{ctx.Locale.Tr "repo.issues.commented_at" .HashTag $createdStr}} {{end}}
diff --git a/templates/repo/diff/compare.tmpl b/templates/repo/diff/compare.tmpl index 7a618ba8e6..819bd8a2f0 100644 --- a/templates/repo/diff/compare.tmpl +++ b/templates/repo/diff/compare.tmpl @@ -194,7 +194,7 @@ {{if .HasPullRequest}}
- {{ctx.Locale.Tr "repo.pulls.has_pull_request" (print (Escape $.RepoLink) "/pulls/" .PullRequest.Issue.Index) (Escape $.RepoRelPath) .PullRequest.Index}} + {{ctx.Locale.Tr "repo.pulls.has_pull_request" (print $.RepoLink "/pulls/" .PullRequest.Issue.Index) $.RepoRelPath .PullRequest.Index}}

{{RenderIssueTitle $.Context .PullRequest.Issue.Title ($.Repository.ComposeMetas ctx)}} #{{.PullRequest.Issue.Index}} @@ -202,11 +202,11 @@

diff --git a/templates/repo/editor/commit_form.tmpl b/templates/repo/editor/commit_form.tmpl index c8f062b5c5..f0f0f47826 100644 --- a/templates/repo/editor/commit_form.tmpl +++ b/templates/repo/editor/commit_form.tmpl @@ -26,7 +26,7 @@