Escape search query (Backport 1.4) (#3488)
* Escape search query Signed-off-by: Jonas Franz <info@jonasfranz.de> (cherry picked from commit 2970889) * Reordered imports Signed-off-by: Jonas Franz <info@jonasfranz.de>
This commit is contained in:
parent
4e27cc4813
commit
c0675ef6c2
2 changed files with 8 additions and 1 deletions
|
@ -10,6 +10,7 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"html"
|
||||||
"html/template"
|
"html/template"
|
||||||
"mime"
|
"mime"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
@ -179,6 +180,7 @@ func NewFuncMap() []template.FuncMap {
|
||||||
return dict, nil
|
return dict, nil
|
||||||
},
|
},
|
||||||
"Printf": fmt.Sprintf,
|
"Printf": fmt.Sprintf,
|
||||||
|
"Escape": Escape,
|
||||||
}}
|
}}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -197,6 +199,11 @@ func Str2html(raw string) template.HTML {
|
||||||
return template.HTML(markup.Sanitize(raw))
|
return template.HTML(markup.Sanitize(raw))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Escape escapes a HTML string
|
||||||
|
func Escape(raw string) string {
|
||||||
|
return html.EscapeString(raw)
|
||||||
|
}
|
||||||
|
|
||||||
// List traversings the list
|
// List traversings the list
|
||||||
func List(l *list.List) chan interface{} {
|
func List(l *list.List) chan interface{} {
|
||||||
e := l.Front()
|
e := l.Front()
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
</div>
|
</div>
|
||||||
{{if .Keyword}}
|
{{if .Keyword}}
|
||||||
<h3>
|
<h3>
|
||||||
{{.i18n.Tr "repo.search.results" .Keyword .RepoLink .RepoName | Str2html}}
|
{{.i18n.Tr "repo.search.results" (.Keyword|Escape) .RepoLink .RepoName | Str2html }}
|
||||||
</h3>
|
</h3>
|
||||||
<div class="repository search">
|
<div class="repository search">
|
||||||
{{range $result := .SearchResults}}
|
{{range $result := .SearchResults}}
|
||||||
|
|
Reference in a new issue