mirror of https://github.com/jlelse/GoBlog
Fix formatting of contact messages
This commit is contained in:
parent
116b9eb8cc
commit
286c0f821a
12
contact.go
12
contact.go
|
@ -7,10 +7,7 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/smtp"
|
"net/smtp"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/microcosm-cc/bluemonday"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const defaultContactPath = "/contact"
|
const defaultContactPath = "/contact"
|
||||||
|
@ -30,15 +27,14 @@ func (a *goBlog) serveContactForm(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
func (a *goBlog) sendContactSubmission(w http.ResponseWriter, r *http.Request) {
|
func (a *goBlog) sendContactSubmission(w http.ResponseWriter, r *http.Request) {
|
||||||
// Get form values
|
// Get form values
|
||||||
strict := bluemonday.StrictPolicy()
|
|
||||||
// Name
|
// Name
|
||||||
formName := strings.TrimSpace(strict.Sanitize(r.FormValue("name")))
|
formName := cleanHTMLText(r.FormValue("name"))
|
||||||
// Email
|
// Email
|
||||||
formEmail := strings.TrimSpace(strict.Sanitize(r.FormValue("email")))
|
formEmail := cleanHTMLText(r.FormValue("email"))
|
||||||
// Website
|
// Website
|
||||||
formWebsite := strings.TrimSpace(strict.Sanitize(r.FormValue("website")))
|
formWebsite := cleanHTMLText(r.FormValue("website"))
|
||||||
// Message
|
// Message
|
||||||
formMessage := strings.TrimSpace(strict.Sanitize(r.FormValue("message")))
|
formMessage := cleanHTMLText(r.FormValue("message"))
|
||||||
if formMessage == "" {
|
if formMessage == "" {
|
||||||
a.serveError(w, r, "Message is empty", http.StatusBadRequest)
|
a.serveError(w, r, "Message is empty", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
|
|
|
@ -90,7 +90,7 @@ func (a *goBlog) renderText(s string) string {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
return htmlText(h)
|
return htmlText(string(h))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *goBlog) renderMdTitle(s string) string {
|
func (a *goBlog) renderMdTitle(s string) string {
|
||||||
|
@ -99,7 +99,7 @@ func (a *goBlog) renderMdTitle(s string) string {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
return htmlText(buffer.Bytes())
|
return htmlText(buffer.String())
|
||||||
}
|
}
|
||||||
|
|
||||||
// Extensions etc...
|
// Extensions etc...
|
||||||
|
|
3
posts.go
3
posts.go
|
@ -12,7 +12,6 @@ import (
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"github.com/go-chi/chi/v5"
|
"github.com/go-chi/chi/v5"
|
||||||
"github.com/microcosm-cc/bluemonday"
|
|
||||||
"github.com/vcraescu/go-paginator"
|
"github.com/vcraescu/go-paginator"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -220,7 +219,7 @@ func (a *goBlog) serveIndex(w http.ResponseWriter, r *http.Request) {
|
||||||
search := chi.URLParam(r, "search")
|
search := chi.URLParam(r, "search")
|
||||||
if search != "" {
|
if search != "" {
|
||||||
// Decode and sanitize search
|
// Decode and sanitize search
|
||||||
search = htmlText([]byte(bluemonday.StrictPolicy().Sanitize(searchDecode(search))))
|
search = cleanHTMLText(searchDecode(search))
|
||||||
}
|
}
|
||||||
pageNoString := chi.URLParam(r, "page")
|
pageNoString := chi.URLParam(r, "page")
|
||||||
pageNo, _ := strconv.Atoi(pageNoString)
|
pageNo, _ := strconv.Atoi(pageNoString)
|
||||||
|
|
|
@ -7,8 +7,6 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"path"
|
"path"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/microcosm-cc/bluemonday"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const defaultSearchPath = "/search"
|
const defaultSearchPath = "/search"
|
||||||
|
@ -24,7 +22,7 @@ func (a *goBlog) serveSearch(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
if q := r.Form.Get("q"); q != "" {
|
if q := r.Form.Get("q"); q != "" {
|
||||||
// Clean query
|
// Clean query
|
||||||
q = htmlText([]byte(bluemonday.StrictPolicy().Sanitize(q)))
|
q = cleanHTMLText(q)
|
||||||
// Redirect to results
|
// Redirect to results
|
||||||
http.Redirect(w, r, path.Join(servePath, searchEncode(q)), http.StatusFound)
|
http.Redirect(w, r, path.Join(servePath, searchEncode(q)), http.StatusFound)
|
||||||
return
|
return
|
||||||
|
|
10
utils.go
10
utils.go
|
@ -1,7 +1,6 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
"html/template"
|
||||||
|
@ -16,6 +15,7 @@ import (
|
||||||
"github.com/PuerkitoBio/goquery"
|
"github.com/PuerkitoBio/goquery"
|
||||||
"github.com/araddon/dateparse"
|
"github.com/araddon/dateparse"
|
||||||
"github.com/c2h5oh/datasize"
|
"github.com/c2h5oh/datasize"
|
||||||
|
"github.com/microcosm-cc/bluemonday"
|
||||||
"github.com/thoas/go-funk"
|
"github.com/thoas/go-funk"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -233,14 +233,18 @@ func mBytesString(size int64) string {
|
||||||
return fmt.Sprintf("%.2f MB", datasize.ByteSize(size).MBytes())
|
return fmt.Sprintf("%.2f MB", datasize.ByteSize(size).MBytes())
|
||||||
}
|
}
|
||||||
|
|
||||||
func htmlText(b []byte) string {
|
func htmlText(s string) string {
|
||||||
d, err := goquery.NewDocumentFromReader(bytes.NewReader(b))
|
d, err := goquery.NewDocumentFromReader(strings.NewReader(s))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
return strings.TrimSpace(d.Text())
|
return strings.TrimSpace(d.Text())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func cleanHTMLText(s string) string {
|
||||||
|
return htmlText(bluemonday.StrictPolicy().Sanitize(s))
|
||||||
|
}
|
||||||
|
|
||||||
func defaultIfEmpty(s, d string) string {
|
func defaultIfEmpty(s, d string) string {
|
||||||
if s != "" {
|
if s != "" {
|
||||||
return s
|
return s
|
||||||
|
|
|
@ -72,3 +72,8 @@ func Test_urlHasExt(t *testing.T) {
|
||||||
assert.Equal(t, "jpg", ext)
|
assert.Equal(t, "jpg", ext)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func Test_cleanHTMLText(t *testing.T) {
|
||||||
|
assert.Equal(t, `"This is a 'test'" 😁`, cleanHTMLText(`"This is a 'test'" 😁`))
|
||||||
|
assert.Equal(t, `Test`, cleanHTMLText(`<b>Test</b>`))
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue