santize
This commit is contained in:
maddalax
parent
613685aebb
commit
7b10b20b9e
6 changed files with 31 additions and 7 deletions
|
|
@ -2,9 +2,15 @@ module hackernews
|
|||
|
||||
go 1.23.0
|
||||
|
||||
require github.com/maddalax/htmgo/framework v1.0.2-0.20241026030703-8e048cbddc36
|
||||
require (
|
||||
github.com/go-chi/chi/v5 v5.1.0
|
||||
github.com/maddalax/htmgo/framework v1.0.2-0.20241026030703-8e048cbddc36
|
||||
github.com/microcosm-cc/bluemonday v1.0.27
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/go-chi/chi/v5 v5.1.0 // indirect
|
||||
github.com/aymerick/douceur v0.2.0 // indirect
|
||||
github.com/google/uuid v1.6.0 // indirect
|
||||
github.com/gorilla/css v1.0.1 // indirect
|
||||
golang.org/x/net v0.29.0 // indirect
|
||||
)
|
||||
|
|
|
|||
|
|
@ -1,11 +1,17 @@
|
|||
github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
|
||||
github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/go-chi/chi/v5 v5.1.0 h1:acVI1TYaD+hhedDJ3r54HyA6sExp3HfXq7QWEEY/xMw=
|
||||
github.com/go-chi/chi/v5 v5.1.0/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8=
|
||||
github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0=
|
||||
github.com/maddalax/htmgo/framework v1.0.2-0.20241026030703-8e048cbddc36 h1:cwXqeTQrGAxMhGhpMJ3/sUGRvdDm3HWPNO5ayYzoRcU=
|
||||
github.com/maddalax/htmgo/framework v1.0.2-0.20241026030703-8e048cbddc36/go.mod h1:NGGzWVXWksrQJ9kV9SGa/A1F1Bjsgc08cN7ZVb98RqY=
|
||||
github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk=
|
||||
github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
||||
|
|
|
|||
9
examples/hackernews/internal/sanitize/sanitize.go
Normal file
9
examples/hackernews/internal/sanitize/sanitize.go
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
package sanitize
|
||||
|
||||
import "github.com/microcosm-cc/bluemonday"
|
||||
|
||||
var p = bluemonday.UGCPolicy()
|
||||
|
||||
func Sanitize(text string) string {
|
||||
return p.Sanitize(text)
|
||||
}
|
||||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"github.com/maddalax/htmgo/framework/h"
|
||||
"hackernews/internal/batch"
|
||||
"hackernews/internal/news"
|
||||
"hackernews/internal/sanitize"
|
||||
"hackernews/internal/timeformat"
|
||||
"strings"
|
||||
"time"
|
||||
|
|
@ -75,7 +76,7 @@ func Comment(item news.Comment, nesting int) *h.Element {
|
|||
h.Class("flex gap-1 items-center"),
|
||||
h.Div(
|
||||
h.Class("font-bold text-rose-500"),
|
||||
h.Text(item.By),
|
||||
h.UnsafeRaw(sanitize.Sanitize(item.By)),
|
||||
),
|
||||
h.Div(
|
||||
h.Class("text-sm text-gray-600"),
|
||||
|
|
@ -85,7 +86,7 @@ func Comment(item news.Comment, nesting int) *h.Element {
|
|||
),
|
||||
h.Div(
|
||||
h.Class("text-sm text-gray-600"),
|
||||
h.Text(strings.TrimSpace(item.Text)),
|
||||
h.UnsafeRaw(sanitize.Sanitize(strings.TrimSpace(item.Text))),
|
||||
),
|
||||
),
|
||||
h.If(
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import (
|
|||
"hackernews/components"
|
||||
"hackernews/internal/news"
|
||||
"hackernews/internal/parse"
|
||||
"hackernews/internal/sanitize"
|
||||
"hackernews/internal/timeformat"
|
||||
"time"
|
||||
)
|
||||
|
|
@ -142,7 +143,7 @@ var CachedStoryList = h.CachedPerKeyT4(time.Minute*5, func(category string, page
|
|||
h.Class("block p-2 bg-white rounded-md shadow cursor-pointer"),
|
||||
h.Div(
|
||||
h.Class("font-bold"),
|
||||
h.Text(item.Title),
|
||||
h.UnsafeRaw(sanitize.Sanitize(item.Title)),
|
||||
),
|
||||
h.Div(
|
||||
h.Class("text-sm text-gray-600"),
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"fmt"
|
||||
"github.com/maddalax/htmgo/framework/h"
|
||||
"hackernews/internal/news"
|
||||
"hackernews/internal/sanitize"
|
||||
"hackernews/internal/timeformat"
|
||||
"time"
|
||||
)
|
||||
|
|
@ -57,7 +58,7 @@ func StoryBody(story *news.Story) *h.Element {
|
|||
h.Class("prose prose-2xl border-b border-gray-200 pb-3 max-w-none w-full"),
|
||||
h.H5(
|
||||
h.Class("flex gap-2 items-left font-bold"),
|
||||
h.Text(story.Title),
|
||||
h.UnsafeRaw(sanitize.Sanitize(story.Title)),
|
||||
),
|
||||
h.A(
|
||||
h.Href(story.Url),
|
||||
|
|
@ -66,7 +67,7 @@ func StoryBody(story *news.Story) *h.Element {
|
|||
),
|
||||
h.Div(
|
||||
h.Class("text-sm text-gray-600"),
|
||||
h.Text(story.Text),
|
||||
h.UnsafeRaw(sanitize.Sanitize(story.Text)),
|
||||
),
|
||||
h.Div(
|
||||
h.Class("text-sm text-gray-600 mt-2"),
|
||||
|
|
|
|||
Loading…
Reference in a new issue