Remove unnecessary SanitizeHTML from code (#29575)

author wxiaoguang <wxiaoguang@gmail.com>

Mon, 4 Mar 2024 12:02:45 +0000 (20:02 +0800)

committer GitHub <noreply@github.com>

Mon, 4 Mar 2024 12:02:45 +0000 (12:02 +0000)
author wxiaoguang <wxiaoguang@gmail.com>
Mon, 4 Mar 2024 12:02:45 +0000 (20:02 +0800)
committer GitHub <noreply@github.com>
Mon, 4 Mar 2024 12:02:45 +0000 (12:02 +0000)
diff --git a/docs/content/administration/mail-templates.en-us.md b/docs/content/administration/mail-templates.en-us.md

index 0154fe55d0f7be463c990514410f50ad7edfa45e..4026b89975b73904bafef3d59be9f81805a2daa1 100644 (file)
--- a/docs/content/administration/mail-templates.en-us.md
+++ b/docs/content/administration/mail-templates.en-us.md
@@ -224,7 +224,7 @@ Please check [Gitea's logs](administration/logging-config.md) for error messages
          {{if not (eq .Body "")}}
              <h3>Message content</h3>
              <hr>
-            {{.Body | SanitizeHTML}}
+            {{.Body}}
          {{end}}
      </p>
      <hr>
diff --git a/docs/content/administration/mail-templates.zh-cn.md b/docs/content/administration/mail-templates.zh-cn.md

index e8c2817336c8058b611c0de40a8a9617e669b914..3c7c2a9397283bf39af1961da79f693a8fbf20ee 100644 (file)
--- a/docs/content/administration/mail-templates.zh-cn.md
+++ b/docs/content/administration/mail-templates.zh-cn.md
@@ -207,7 +207,7 @@ _主题_ 和 _邮件正文_ 由 [Golang的模板引擎](https://go.dev/pkg/text/
          {{if not (eq .Body "")}}
              <h3>消息内容：</h3>
              <hr>
-            {{.Body | SanitizeHTML}}
+            {{.Body}}
          {{end}}
      </p>
      <hr>
diff --git a/modules/templates/helper.go b/modules/templates/helper.go

index 1487fce69dc31f339d0dc2f6cfeb17efa7d39985..0997239a55addc439159318a234f5f75e03b99ed 100644 (file)
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -208,14 +208,8 @@ func SafeHTML(s any) template.HTML {
  }
  
  // SanitizeHTML sanitizes the input by pre-defined markdown rules
-func SanitizeHTML(s any) template.HTML {
-       switch v := s.(type) {
-       case string:
-               return template.HTML(markup.Sanitize(v))
-       case template.HTML:
-               return template.HTML(markup.Sanitize(string(v)))
-       }
-       panic(fmt.Sprintf("unexpected type %T", s))
+func SanitizeHTML(s string) template.HTML {
+       return template.HTML(markup.Sanitize(s))
  }
  
  func HTMLEscape(s any) template.HTML {
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go

index 3365278ac2910e81346ea2aafac79637f24e95f8..64f29d033ec35b7680c43ba0660b0adf6e39670a 100644 (file)
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -64,5 +64,4 @@ func TestHTMLFormat(t *testing.T) {
  
  func TestSanitizeHTML(t *testing.T) {
         assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
-       assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(template.HTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`)))
  }
diff --git a/templates/mail/issue/default.tmpl b/templates/mail/issue/default.tmpl

index 021ca3989dbb980c86dc918cb7d0a54398c1d46e..395b118d3ef22cca36915d9b5394c6132a83ebad 100644 (file)
--- a/templates/mail/issue/default.tmpl
+++ b/templates/mail/issue/default.tmpl
@@ -58,7 +58,7 @@
                                 {{.locale.Tr "mail.issue.action.new" .Doer.Name .Issue.Index}}
                         {{end}}
                 {{else}}
-                       {{.Body | SanitizeHTML}}
+                       {{.Body}}
                 {{end -}}
                 {{- range .ReviewComments}}
                         <hr>
diff --git a/templates/repo/settings/webhook/base_list.tmpl b/templates/repo/settings/webhook/base_list.tmpl

index 00f9a48ba77172e87cf323c51bfb0ba496e1fd16..e56929b70f34ced86e305b9cc82ae1c5e964b370 100644 (file)
--- a/templates/repo/settings/webhook/base_list.tmpl
+++ b/templates/repo/settings/webhook/base_list.tmpl
@@ -10,7 +10,7 @@
  <div class="ui attached segment">
         <div class="ui list">
                 <div class="item">
-                       {{.Description | SanitizeHTML}}
+                       {{.Description}}
                 </div>
                 {{range .Webhooks}}
                         <div class="item truncated-item-container">
diff --git a/templates/status/500.tmpl b/templates/status/500.tmpl

index 58795e4bc04cdaa370297b9b615dec4900167492..03d0183280c2178fd1b7220d94ffcf4074f5e725 100644 (file)
--- a/templates/status/500.tmpl
+++ b/templates/status/500.tmpl
@@ -1,5 +1,5 @@
  {{/* This page should only depend the minimal template functions/variables, to avoid triggering new panics.
-* base template functions: AppName, AssetUrlPrefix, AssetVersion, AppSubUrl, ThemeName, SanitizeHTML
+* base template functions: AppName, AssetUrlPrefix, AssetVersion, AppSubUrl, ThemeName
  * ctx.Locale
  * .Flash
  * .ErrorMsg
author	wxiaoguang <wxiaoguang@gmail.com>
	Mon, 4 Mar 2024 12:02:45 +0000 (20:02 +0800)
committer	GitHub <noreply@github.com>
	Mon, 4 Mar 2024 12:02:45 +0000 (12:02 +0000)
docs/content/administration/mail-templates.en-us.md		patch \| blob \| history
docs/content/administration/mail-templates.zh-cn.md		patch \| blob \| history
modules/templates/helper.go		patch \| blob \| history
modules/templates/helper_test.go		patch \| blob \| history
templates/mail/issue/default.tmpl		patch \| blob \| history
templates/repo/settings/webhook/base_list.tmpl		patch \| blob \| history
templates/status/500.tmpl		patch \| blob \| history