Escape search query (Backport 1.4) (#3488)

* Escape search query

Signed-off-by: Jonas Franz <info@jonasfranz.de>

(cherry picked from commit 2970889)

* Reordered imports

Signed-off-by: Jonas Franz <info@jonasfranz.de>
This commit is contained in:
Jonas Franz 2018-02-11 20:25:02 +01:00 committed by Lauris BH
parent 4e27cc4813
commit c0675ef6c2
2 changed files with 8 additions and 1 deletions

View file

@ -10,6 +10,7 @@ import (
"encoding/json"
"errors"
"fmt"
"html"
"html/template"
"mime"
"net/url"
@ -179,6 +180,7 @@ func NewFuncMap() []template.FuncMap {
return dict, nil
},
"Printf": fmt.Sprintf,
"Escape": Escape,
}}
}
@ -197,6 +199,11 @@ func Str2html(raw string) template.HTML {
return template.HTML(markup.Sanitize(raw))
}
// Escape escapes a HTML string
func Escape(raw string) string {
return html.EscapeString(raw)
}
// List traversings the list
func List(l *list.List) chan interface{} {
e := l.Front()

View file

@ -14,7 +14,7 @@
</div>
{{if .Keyword}}
<h3>
{{.i18n.Tr "repo.search.results" .Keyword .RepoLink .RepoName | Str2html}}
{{.i18n.Tr "repo.search.results" (.Keyword|Escape) .RepoLink .RepoName | Str2html }}
</h3>
<div class="repository search">
{{range $result := .SearchResults}}