From 2f18e1d214f14a9eb25b9613917e4c6ad0872fde Mon Sep 17 00:00:00 2001 From: Jan-Lukas Else Date: Mon, 13 Feb 2023 22:39:35 +0100 Subject: [PATCH] Update dependencies and some small improvements --- app.go | 2 +- commentsAdmin.go | 2 +- go.mod | 6 ++-- go.sum | 14 +++++----- indexnow.go | 2 +- indieAuth.go | 2 +- indieAuthServer.go | 2 +- indieAuthServer_test.go | 2 +- indieAuth_test.go | 2 +- notifications.go | 2 +- posts.go | 2 +- ui.go | 2 +- utils.go | 61 ++++++++++++++++++++++++++++------------- webmentionAdmin.go | 2 +- 14 files changed, 63 insertions(+), 40 deletions(-) diff --git a/app.go b/app.go index 1ae4995..22bf21b 100644 --- a/app.go +++ b/app.go @@ -11,7 +11,7 @@ import ( ct "github.com/elnormous/contenttype" apc "github.com/go-ap/client" "github.com/go-fed/httpsig" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" rotatelogs "github.com/lestrrat-go/file-rotatelogs" "github.com/yuin/goldmark" "go.goblog.app/app/pkgs/minify" diff --git a/commentsAdmin.go b/commentsAdmin.go index 7806e73..99a8f0b 100644 --- a/commentsAdmin.go +++ b/commentsAdmin.go @@ -8,7 +8,7 @@ import ( "sync" "github.com/go-chi/chi/v5" - "github.com/vcraescu/go-paginator" + "github.com/vcraescu/go-paginator/v2" ) type commentsPaginationAdapter struct { diff --git a/go.mod b/go.mod index b284212..48f3467 100644 --- a/go.mod +++ b/go.mod @@ -30,7 +30,7 @@ require ( github.com/gorilla/handlers v1.5.1 github.com/gorilla/sessions v1.2.1 github.com/gorilla/websocket v1.5.0 - github.com/hacdias/indieauth/v2 v2.1.0 + github.com/hacdias/indieauth/v3 v3.0.1 github.com/jlaffaye/ftp v0.1.0 // master github.com/jlelse/feeds v1.2.1-0.20210704161900-189f94254ad4 @@ -58,7 +58,7 @@ require ( github.com/tkrajina/gpxgo v1.2.2-0.20220217201249-321f19554eec github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 github.com/traefik/yaegi v0.15.0 - github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2 + github.com/vcraescu/go-paginator/v2 v2.0.0 github.com/xhit/go-simple-mail/v2 v2.13.0 github.com/yuin/goldmark v1.5.4 // master @@ -133,7 +133,7 @@ require ( github.com/valyala/fastjson v1.6.3 // indirect golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 // indirect golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8 // indirect - golang.org/x/oauth2 v0.1.0 // indirect + golang.org/x/oauth2 v0.4.0 // indirect golang.org/x/sys v0.5.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.28.1 // indirect diff --git a/go.sum b/go.sum index bdd446d..f6ff0ba 100644 --- a/go.sum +++ b/go.sum @@ -293,8 +293,8 @@ github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoA github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/hacdias/indieauth/v2 v2.1.0 h1:LTR9raUs4SYZbgak0E8EOGHwz4ctvyW9VkOd5/hDRPM= -github.com/hacdias/indieauth/v2 v2.1.0/go.mod h1:OHEsGRgWcZgbzzT84yxX0V0qYAWOuNZ9Iy+rIDvHC1s= +github.com/hacdias/indieauth/v3 v3.0.1 h1:b/C2VlqOzijvVJuezFcGhEmMZyCvZgdHgLZIb9BOlxk= +github.com/hacdias/indieauth/v3 v3.0.1/go.mod h1:mVMKFOoVMYgGb06HgXiSevyIJu3/GoRo/EujEXSpAKs= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= @@ -570,8 +570,8 @@ github.com/valyala/fastjson v1.6.3/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLr github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= -github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2 h1:l5j4nE6rosbObXB/uPmzxOQ2z5uXlFOgttlHJ2YL/0w= -github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2/go.mod h1:NEDNuq1asYbAeX+uy6w56MDQSFmBQz9k+N9Hy6m4r2U= +github.com/vcraescu/go-paginator/v2 v2.0.0 h1:m9If0wF7pSjYfocrJZcyWNiWn7OfIeLFVQLbiDvHf3k= +github.com/vcraescu/go-paginator/v2 v2.0.0/go.mod h1:qsrC8+/YgRL0LfurxeY3gCAtsN7oOthkIbmBdqpMX9U= github.com/wsxiaoys/terminal v0.0.0-20160513160801-0940f3fc43a0/go.mod h1:IXCdmsXIht47RaVFLEdVnh1t+pgYtTAhQGj73kz+2DM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= @@ -707,8 +707,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.1.0 h1:isLCZuhj4v+tYv7eskaN4v/TM+A1begWWgyVJDdl1+Y= -golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= +golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= +golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -978,7 +978,7 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gorm.io/driver/sqlite v1.1.3/go.mod h1:AKDgRWk8lcSQSw+9kxCJnX/yySj8G3rdwYlU57cB45c= gorm.io/gorm v1.20.1/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= -gorm.io/gorm v1.20.2/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= +gorm.io/gorm v1.20.6/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/indexnow.go b/indexnow.go index 8b1a9a6..52eb261 100644 --- a/indexnow.go +++ b/indexnow.go @@ -76,7 +76,7 @@ func (a *goBlog) indexNowKey() []byte { } if keyBytes == nil { // Generate 128 character key with hexadecimal characters - keyBytes = []byte(randomString(128, []rune("0123456789abcdef"))) + keyBytes = []byte(randomString(128, []rune("0123456789abcdef")...)) // Store key in database err = a.db.cachePersistently("indexnowkey", keyBytes) if err != nil { diff --git a/indieAuth.go b/indieAuth.go index 26a8e8b..18ac3cc 100644 --- a/indieAuth.go +++ b/indieAuth.go @@ -5,7 +5,7 @@ import ( "net/http" "strings" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" ) const indieAuthScope contextKey = "scope" diff --git a/indieAuthServer.go b/indieAuthServer.go index 875edac..913fb20 100644 --- a/indieAuthServer.go +++ b/indieAuthServer.go @@ -11,7 +11,7 @@ import ( "time" "github.com/google/uuid" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" "go.goblog.app/app/pkgs/contenttype" ) diff --git a/indieAuthServer_test.go b/indieAuthServer_test.go index c85a216..0e0ee9c 100644 --- a/indieAuthServer_test.go +++ b/indieAuthServer_test.go @@ -9,7 +9,7 @@ import ( "testing" "github.com/PuerkitoBio/goquery" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) diff --git a/indieAuth_test.go b/indieAuth_test.go index 8bed3af..1a4752d 100644 --- a/indieAuth_test.go +++ b/indieAuth_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" "github.com/stretchr/testify/assert" ) diff --git a/notifications.go b/notifications.go index f77d46b..5b837ee 100644 --- a/notifications.go +++ b/notifications.go @@ -10,7 +10,7 @@ import ( "time" "github.com/go-chi/chi/v5" - "github.com/vcraescu/go-paginator" + "github.com/vcraescu/go-paginator/v2" "go.goblog.app/app/pkgs/bufferpool" ) diff --git a/posts.go b/posts.go index c16f610..811da63 100644 --- a/posts.go +++ b/posts.go @@ -11,7 +11,7 @@ import ( "github.com/go-chi/chi/v5" "github.com/samber/lo" - "github.com/vcraescu/go-paginator" + "github.com/vcraescu/go-paginator/v2" "go.goblog.app/app/pkgs/bufferpool" ) diff --git a/ui.go b/ui.go index d366f39..b3e5a16 100644 --- a/ui.go +++ b/ui.go @@ -4,7 +4,7 @@ import ( "fmt" "time" - "github.com/hacdias/indieauth/v2" + "github.com/hacdias/indieauth/v3" "github.com/kaorimatz/go-opml" "github.com/mergestat/timediff" "github.com/samber/lo" diff --git a/utils.go b/utils.go index bfc6099..92df458 100644 --- a/utils.go +++ b/utils.go @@ -5,7 +5,6 @@ import ( "errors" "fmt" "io" - "math/rand" "net/http" "net/http/httptest" "net/url" @@ -25,7 +24,8 @@ import ( tdl "github.com/mergestat/timediff/locale" "github.com/microcosm-cc/bluemonday" "github.com/samber/lo" - "go.goblog.app/app/pkgs/bufferpool" + "go.goblog.app/app/pkgs/builderpool" + "golang.org/x/net/html" "golang.org/x/text/language" ) @@ -58,13 +58,11 @@ func sortedStrings(s []string) []string { var defaultLetters = []rune("abcdefghijklmnopqrstuvwxyz") -func randomString(n int, allowedChars ...[]rune) string { - letters := append(allowedChars, defaultLetters)[0] - b := make([]rune, n) - for i := range b { - b[i] = letters[rand.Intn(len(letters))] +func randomString(n int, allowedChars ...rune) string { + if len(allowedChars) == 0 { + allowedChars = append(allowedChars, defaultLetters...) } - return string(b) + return lo.RandomString(n, allowedChars) } func isAbsoluteURL(s string) bool { @@ -242,20 +240,28 @@ func htmlText(s string) string { return text } +// Build policy to only allow a subset of HTML tags +var textPolicy = bluemonday.StrictPolicy(). + AllowElements("h1", "h2", "h3", "h4", "h5", "h6"). // Headers + AllowElements("p"). // Paragraphs + AllowElements("ol", "ul", "li"). // Lists + AllowElements("blockquote") // Blockquotes + func htmlTextFromReader(r io.Reader) (string, error) { - // Build policy to only allow a subset of HTML tags - textPolicy := bluemonday.StrictPolicy() - textPolicy.AllowElements("h1", "h2", "h3", "h4", "h5", "h6") // Headers - textPolicy.AllowElements("p") // Paragraphs - textPolicy.AllowElements("ol", "ul", "li") // Lists - textPolicy.AllowElements("blockquote") // Blockquotes - // Read filtered HTML into document - doc, err := goquery.NewDocumentFromReader(textPolicy.SanitizeReader(r)) + // Filter HTML + pr, pw := io.Pipe() + go func() { + _ = pw.CloseWithError(textPolicy.SanitizeReaderToWriter(r, pw)) + }() + // Read into document + doc, err := goquery.NewDocumentFromReader(pr) + _ = pr.CloseWithError(err) if err != nil { return "", err } - text := bufferpool.Get() - defer bufferpool.Put(text) + // Parse text + text := builderpool.Get() + defer builderpool.Put(text) if bodyChild := doc.Find("body").Children(); bodyChild.Length() > 0 { // Input was real HTML, so build the text from the body // Declare recursive function to print childs @@ -272,7 +278,7 @@ func htmlTextFromReader(r io.Reader) (string, error) { if sel.Children().Length() > 0 { // Has children printChilds(sel.Children()) // Recursive call to print childs } else { - _, _ = text.WriteString(sel.Text()) // Print text + gqSelectionTextToStringWriter(sel, text) // Print text } }) } @@ -285,6 +291,23 @@ func htmlTextFromReader(r io.Reader) (string, error) { return strings.TrimSpace(text.String()), nil } +func gqSelectionTextToStringWriter(sel *goquery.Selection, text io.StringWriter) { + var f func(*html.Node) + f = func(n *html.Node) { + if n.Type == html.TextNode { + _, _ = text.WriteString(n.Data) + } + if n.FirstChild != nil { + for c := n.FirstChild; c != nil; c = c.NextSibling { + f(c) + } + } + } + for _, n := range sel.Nodes { + f(n) + } +} + func cleanHTMLText(s string) string { // Clean HTML with UGC policy and return text pr, pw := io.Pipe() diff --git a/webmentionAdmin.go b/webmentionAdmin.go index a3062b1..f207dad 100644 --- a/webmentionAdmin.go +++ b/webmentionAdmin.go @@ -9,7 +9,7 @@ import ( "sync" "github.com/go-chi/chi/v5" - "github.com/vcraescu/go-paginator" + "github.com/vcraescu/go-paginator/v2" ) type webmentionPaginationAdapter struct {