burble.dn42/bird-lg-go
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Properly escape URL path (#81)

Browse Source
This commit is contained in:
towalink 2023-06-11 00:14:10 +02:00 committed by GitHub
parent bb479d22ae
commit e949646790
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/assets/templates/page.tpl
View File

@ -60,7 +60,7 @@
<option value="{{ html $k }}"{{ if eq $k $.URLOption }} selected{{end}}>{{ html $v }}</option> <option value="{{ html $k }}"{{ if eq $k $.URLOption }} selected{{end}}>{{ html $v }}</option>
{{ end }} {{ end }}
</select> </select>
<input name="server" class="d-none" value="{{ html $server }}"> <input name="server" class="d-none" value="{{ html ($server | pathescape) }}">
<input name="target" class="form-control" placeholder="Target" aria-label="Target" value="{{ html $target }}"> <input name="target" class="form-control" placeholder="Target" aria-label="Target" value="{{ html $target }}">
<div class="input-group-append"> <div class="input-group-append">
<button class="btn btn-outline-success" type="submit">&raquo;</button> <button class="btn btn-outline-success" type="submit">&raquo;</button>

9
frontend/template.go
View File

@ -3,6 +3,7 @@ package main
import ( import (
"embed" "embed"
"html/template" "html/template"
"net/url"
"strings" "strings"
) )
@ -104,6 +105,12 @@ var requiredTemplates = [...]string{
"bird", "bird",
} }
// define functions to be made available in templates
var funcMap = template.FuncMap{
"pathescape": url.PathEscape,
}
// import templates from embedded assets // import templates from embedded assets
func ImportTemplates() { func ImportTemplates() {
@ -121,7 +128,7 @@ func ImportTemplates() {
} }
// and add it to the template library // and add it to the template library
template, err := template.New(tmpl).Parse(string(def)) template, err := template.New(tmpl).Funcs(funcMap).Parse(string(def))
if err != nil { if err != nil {
panic("Unable to parse template (" + TEMPLATE_PATH + tmpl + ": " + err.Error()) panic("Unable to parse template (" + TEMPLATE_PATH + tmpl + ": " + err.Error())
} }