Skip to content

Commit d2f6588

Browse files
wxiaoguangwxiaoguang
authored
Remove incorrect and unnecessary Escape from templates (#29394)
Follow #29165 * some of them are incorrect, which would lead to double escaping (eg: `(print (Escape $.RepoLink)`) * other of them are not necessary, because `Tr` handles strings&HTML automatically Suggest to review by "unified view": https://github.com/go-gitea/gitea/pull/29394/files?diff=unified&w=0
1 parent ea164ab commit d2f6588

28 files changed

+100
-100
lines changed

modules/templates/helper.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ func NewFuncMap() template.FuncMap {
3737
"Eval": Eval,
3838
"SafeHTML": SafeHTML,
3939
"HTMLFormat": HTMLFormat,
40-
"Escape": Escape,
40+
"HTMLEscape": HTMLEscape,
4141
"QueryEscape": url.QueryEscape,
4242
"JSEscape": JSEscapeSafe,
4343
"Str2html": Str2html, // TODO: rename it to SanitizeHTML
@@ -218,7 +218,7 @@ func Str2html(s any) template.HTML {
218218
panic(fmt.Sprintf("unexpected type %T", s))
219219
}
220220

221-
func Escape(s any) template.HTML {
221+
func HTMLEscape(s any) template.HTML {
222222
switch v := s.(type) {
223223
case string:
224224
return template.HTML(html.EscapeString(v))

templates/code/searchcombo.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
</div>
88
{{else if .SearchResults}}
99
<h3>
10-
{{ctx.Locale.Tr "explore.code_search_results" (.Keyword|Escape)}}
10+
{{ctx.Locale.Tr "explore.code_search_results" .Keyword}}
1111
</h3>
1212
{{template "code/searchresults" .}}
1313
{{else if .Keyword}}

templates/explore/repo_search.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@
3636
</div>
3737
{{if and .PageIsExploreRepositories .OnlyShowRelevant}}
3838
<div class="ui message explore-relevancy-note">
39-
<span data-tooltip-content="{{ctx.Locale.Tr "explore.relevant_repositories_tooltip"}}">{{ctx.Locale.Tr "explore.relevant_repositories" ((printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))|Escape)}}</span>
39+
<span data-tooltip-content="{{ctx.Locale.Tr "explore.relevant_repositories_tooltip"}}">{{ctx.Locale.Tr "explore.relevant_repositories" (printf "?only_show_relevant=0&sort=%s&q=%s&language=%s" $.SortType (QueryEscape $.Keyword) (QueryEscape $.Language))}}</span>
4040
</div>
4141
{{end}}
4242
<div class="divider"></div>

templates/mail/auth/register_notify.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
<p>{{.locale.Tr "mail.hi_user_x" (.DisplayName|DotEscape)}}</p><br>
1212
<p>{{.locale.Tr "mail.register_notify.text_1" AppName}}</p><br>
1313
<p>{{.locale.Tr "mail.register_notify.text_2" .Username}}</p><p><a href="{{AppUrl}}user/login">{{AppUrl}}user/login</a></p><br>
14-
<p>{{.locale.Tr "mail.register_notify.text_3" ($set_pwd_url | Escape)}}</p><br>
14+
<p>{{.locale.Tr "mail.register_notify.text_3" $set_pwd_url}}</p><br>
1515

1616
<p>© <a target="_blank" rel="noopener noreferrer" href="{{AppUrl}}">{{AppName}}</a></p>
1717
</body>

templates/mail/issue/default.tmpl

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -36,26 +36,26 @@
3636
{{end}}
3737
<p>
3838
{{if eq .ActionName "close"}}
39-
{{.locale.Tr "mail.issue.action.close" (Escape .Doer.Name) .Issue.Index}}
39+
{{.locale.Tr "mail.issue.action.close" .Doer.Name .Issue.Index}}
4040
{{else if eq .ActionName "reopen"}}
41-
{{.locale.Tr "mail.issue.action.reopen" (Escape .Doer.Name) .Issue.Index}}
41+
{{.locale.Tr "mail.issue.action.reopen" .Doer.Name .Issue.Index}}
4242
{{else if eq .ActionName "merge"}}
43-
{{.locale.Tr "mail.issue.action.merge" (Escape .Doer.Name) .Issue.Index (Escape .Issue.PullRequest.BaseBranch)}}
43+
{{.locale.Tr "mail.issue.action.merge" .Doer.Name .Issue.Index .Issue.PullRequest.BaseBranch}}
4444
{{else if eq .ActionName "approve"}}
45-
{{.locale.Tr "mail.issue.action.approve" (Escape .Doer.Name)}}
45+
{{.locale.Tr "mail.issue.action.approve" .Doer.Name}}
4646
{{else if eq .ActionName "reject"}}
47-
{{.locale.Tr "mail.issue.action.reject" (Escape .Doer.Name)}}
47+
{{.locale.Tr "mail.issue.action.reject" .Doer.Name}}
4848
{{else if eq .ActionName "review"}}
49-
{{.locale.Tr "mail.issue.action.review" (Escape .Doer.Name)}}
49+
{{.locale.Tr "mail.issue.action.review" .Doer.Name}}
5050
{{else if eq .ActionName "review_dismissed"}}
51-
{{.locale.Tr "mail.issue.action.review_dismissed" (Escape .Doer.Name) (Escape .Comment.Review.Reviewer.Name)}}
51+
{{.locale.Tr "mail.issue.action.review_dismissed" .Doer.Name .Comment.Review.Reviewer.Name}}
5252
{{else if eq .ActionName "ready_for_review"}}
53-
{{.locale.Tr "mail.issue.action.ready_for_review" (Escape .Doer.Name)}}
53+
{{.locale.Tr "mail.issue.action.ready_for_review" .Doer.Name}}
5454
{{end}}
5555

5656
{{- if eq .Body ""}}
5757
{{if eq .ActionName "new"}}
58-
{{.locale.Tr "mail.issue.action.new" (Escape .Doer.Name) .Issue.Index}}
58+
{{.locale.Tr "mail.issue.action.new" .Doer.Name .Issue.Index}}
5959
{{end}}
6060
{{else}}
6161
{{.Body | Str2html}}

templates/package/shared/list.tmpl

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,9 +30,9 @@
3030
{{$hasRepositoryAccess = index $.RepositoryAccessMap .Repository.ID}}
3131
{{end}}
3232
{{if $hasRepositoryAccess}}
33-
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape) .Repository.Link (.Repository.FullName | Escape)}}
33+
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .Creator.HomeLink .Creator.GetDisplayName .Repository.Link .Repository.FullName}}
3434
{{else}}
35-
{{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink (.Creator.GetDisplayName | Escape)}}
35+
{{ctx.Locale.Tr "packages.published_by" $timeStr .Creator.HomeLink .Creator.GetDisplayName}}
3636
{{end}}
3737
</div>
3838
</div>

templates/package/shared/versionlist.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
<div class="flex-item-main">
2626
<a class="flex-item-title" href="{{.FullWebLink}}">{{.Version.LowerVersion}}</a>
2727
<div class="flex-item-body">
28-
{{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink (.Creator.GetDisplayName | Escape)}}
28+
{{ctx.Locale.Tr "packages.published_by" (TimeSinceUnix .Version.CreatedUnix ctx.Locale) .Creator.HomeLink .Creator.GetDisplayName}}
2929
</div>
3030
</div>
3131
</div>

templates/package/view.tmpl

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@
1010
<div>
1111
{{$timeStr := TimeSinceUnix .PackageDescriptor.Version.CreatedUnix ctx.Locale}}
1212
{{if .HasRepositoryAccess}}
13-
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape) .PackageDescriptor.Repository.Link (.PackageDescriptor.Repository.FullName | Escape)}}
13+
{{ctx.Locale.Tr "packages.published_by_in" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName .PackageDescriptor.Repository.Link .PackageDescriptor.Repository.FullName}}
1414
{{else}}
15-
{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink (.PackageDescriptor.Creator.GetDisplayName | Escape)}}
15+
{{ctx.Locale.Tr "packages.published_by" $timeStr .PackageDescriptor.Creator.HomeLink .PackageDescriptor.Creator.GetDisplayName}}
1616
{{end}}
1717
</div>
1818
</div>

templates/repo/code/recently_pushed_new_branches.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
<div class="ui positive message gt-df gt-ac">
33
<div class="gt-f1">
44
{{$timeSince := TimeSince .CommitTime.AsTime ctx.Locale}}
5-
{{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" (Escape .Name) $timeSince}}
5+
{{ctx.Locale.Tr "repo.pulls.recently_pushed_new_branches" .Name $timeSince}}
66
</div>
77
<a role="button" class="ui compact positive button gt-m-0" href="{{$.Repository.ComposeBranchCompareURL $.Repository.BaseRepo .Name}}">
88
{{ctx.Locale.Tr "repo.pulls.compare_changes"}}

templates/repo/create_helper.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
{{if not $.DisableMigrations}}
2-
<p class="ui center">{{ctx.Locale.Tr "repo.new_repo_helper" ((print AppSubUrl "/repo/migrate")|Escape)}}</p>
2+
<p class="ui center">{{ctx.Locale.Tr "repo.new_repo_helper" (print AppSubUrl "/repo/migrate")}}</p>
33
{{end}}

0 commit comments

Comments
 (0)