aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorUnknwon <joe2010xtmf@163.com>2015-01-30 18:05:20 -0500
committerUnknwon <joe2010xtmf@163.com>2015-01-30 18:05:20 -0500
commit37fcc8daf2d7d86e4d0f8baaeab0b2e11e5ec8d0 (patch)
tree701088978b660c46cdb463e0f191aed8adb01195
parent9803f84c883c372cca9ed5859cbf8f930af63d51 (diff)
downloadgitea-37fcc8daf2d7d86e4d0f8baaeab0b2e11e5ec8d0.tar.gz
gitea-37fcc8daf2d7d86e4d0f8baaeab0b2e11e5ec8d0.zip
modules/base: add RenderCommitMessage with XSS-safe and special links
- update russian locale
-rw-r--r--README.md2
-rw-r--r--README_ZH.md2
-rwxr-xr-xconf/locale/locale_ru-RU.ini18
-rw-r--r--gogs.go2
-rw-r--r--modules/base/markdown.go2
-rw-r--r--modules/base/template.go6
-rw-r--r--routers/repo/commit.go4
-rw-r--r--routers/repo/view.go4
-rw-r--r--templates/.VERSION2
-rw-r--r--templates/repo/commits_table.tmpl2
-rw-r--r--templates/repo/diff.tmpl2
-rw-r--r--templates/repo/view_list.tmpl2
12 files changed, 27 insertions, 21 deletions
diff --git a/README.md b/README.md
index ebaa12b7f1..f85e7354fa 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ Gogs(Go Git Service) is a painless self-hosted Git Service written in Go.
![Demo](http://gogs.qiniudn.com/gogs_demo.gif)
-##### Current version: 0.5.11 Beta
+##### Current version: 0.5.12 Beta
### NOTICES
diff --git a/README_ZH.md b/README_ZH.md
index 30b9e778ca..a67799ac30 100644
--- a/README_ZH.md
+++ b/README_ZH.md
@@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个基于 Go 语言的自助 Git 服务。
![Demo](http://gogs.qiniudn.com/gogs_demo.gif)
-##### 当前版本:0.5.11 Beta
+##### 当前版本:0.5.12 Beta
## 开发目的
diff --git a/conf/locale/locale_ru-RU.ini b/conf/locale/locale_ru-RU.ini
index bcc71f8db8..b0da5c550f 100755
--- a/conf/locale/locale_ru-RU.ini
+++ b/conf/locale/locale_ru-RU.ini
@@ -164,7 +164,7 @@ unable_verify_ssh_key=Gogs не может проверить ваш SSH-клю
auth_failed=Ошибка аутентификации: %v
still_own_repo=На вашем аккаунте все еще остается как минимум один репозиторий, сначала вам нужно удалить или передать его.
-still_has_org=Your account still have membership of organization, you have to left or delete them first.
+still_has_org=Вы находитесь в организации, сперва Вам необходимо покинуть ее или удалить.
org_still_own_repo=Данная организация все еще является владельцем репозиториев, необходимо удалить или переместить их в начале.
still_own_user=Эта проверка подлинности по-прежнему используется некоторыми пользователями, вы должны переместить их и затем снова удалить.
@@ -631,22 +631,22 @@ config.db_path_helper=(for "sqlite3" only)
config.service_config=Service Configuration
config.register_email_confirm=Require E-mail Confirmation
config.disable_register=Отключить регистрацию
-config.require_sign_in_view=Require Sign In View
-config.mail_notify=Mail Notification
-config.enable_cache_avatar=Enable Cache Avatar
+config.require_sign_in_view=Для просмотра необходима авторизация
+config.mail_notify=Почтовые уведомления
+config.enable_cache_avatar=Кешировать аватар
config.active_code_lives=Active Code Lives
config.reset_password_code_lives=Reset Password Code Lives
config.webhook_config=Настройка автоматического обновления репозиции
-config.task_interval=Task Interval
-config.deliver_timeout=Deliver Timeout
-config.mailer_config=Mailer Configuration
+config.task_interval=Интервал задания
+config.deliver_timeout=Задержка доставки
+config.mailer_config=Настройки почты
config.mailer_enabled=Включено
config.mailer_name=Имя
config.mailer_host=Сервер
config.mailer_user=Пользователь
config.oauth_config=Конфигурация OAuth
config.oauth_enabled=Включено
-config.cache_config=Cache Configuration
+config.cache_config=Настройки кеша
config.cache_adapter=Cache Adapter
config.cache_interval=Cache Interval
config.cache_conn=Cache Connection
@@ -674,7 +674,7 @@ monitor.execute_times=Execute Times
monitor.process=Запущенные процессы
monitor.desc=Описание
monitor.start=Start Time
-monitor.execute_time=Execution Time
+monitor.execute_time=Время выполнения
notices.system_notice_list=Система уведомлений
notices.type=Тип
diff --git a/gogs.go b/gogs.go
index 5711452d7c..a3c749cea3 100644
--- a/gogs.go
+++ b/gogs.go
@@ -17,7 +17,7 @@ import (
"github.com/gogits/gogs/modules/setting"
)
-const APP_VER = "0.5.12.0120 Beta"
+const APP_VER = "0.5.12.0130 Beta"
func init() {
runtime.GOMAXPROCS(runtime.NumCPU())
diff --git a/modules/base/markdown.go b/modules/base/markdown.go
index b2f94c480b..2cd3617a8f 100644
--- a/modules/base/markdown.go
+++ b/modules/base/markdown.go
@@ -103,7 +103,7 @@ var (
MentionPattern = regexp.MustCompile(`@[0-9a-zA-Z_]{1,}`)
commitPattern = regexp.MustCompile(`(\s|^)https?.*commit/[0-9a-zA-Z]+(#+[0-9a-zA-Z-]*)?`)
issueFullPattern = regexp.MustCompile(`(\s|^)https?.*issues/[0-9]+(#+[0-9a-zA-Z-]*)?`)
- issueIndexPattern = regexp.MustCompile(`#[0-9]+`)
+ issueIndexPattern = regexp.MustCompile(`( |^)#[0-9]+`)
sha1CurrentPattern = regexp.MustCompile(`\b[0-9a-f]{40}\b`)
)
diff --git a/modules/base/template.go b/modules/base/template.go
index 829999d1c9..34caa4552b 100644
--- a/modules/base/template.go
+++ b/modules/base/template.go
@@ -90,6 +90,11 @@ func ToUtf8(content string) string {
return res
}
+// RenderCommitMessage renders commit message with XSS-safe and special links.
+func RenderCommitMessage(msg, urlPrefix string) template.HTML {
+ return template.HTML(string(RenderIssueIndexPattern([]byte(template.HTMLEscapeString(msg)), urlPrefix)))
+}
+
var mailDomains = map[string]string{
"gmail.com": "gmail.com",
}
@@ -163,6 +168,7 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{
"EscapePound": func(str string) string {
return strings.Replace(str, "#", "%23", -1)
},
+ "RenderCommitMessage": RenderCommitMessage,
}
type Actioner interface {
diff --git a/routers/repo/commit.go b/routers/repo/commit.go
index 4571b24f2a..e92ec8c88c 100644
--- a/routers/repo/commit.go
+++ b/routers/repo/commit.go
@@ -37,7 +37,7 @@ func RenderIssueLinks(oldCommits *list.List, repoLink string) *list.List {
newCommits := list.New()
for e := oldCommits.Front(); e != nil; e = e.Next() {
c := e.Value.(*git.Commit)
- c.CommitMessage = string(base.RenderIssueIndexPattern([]byte(c.CommitMessage), repoLink))
+ c.CommitMessage = c.CommitMessage
newCommits.PushBack(c)
}
return newCommits
@@ -206,7 +206,7 @@ func Diff(ctx *middleware.Context) {
commitId := ctx.Repo.CommitId
commit := ctx.Repo.Commit
- commit.CommitMessage = string(base.RenderIssueIndexPattern([]byte(commit.CommitMessage), ctx.Repo.RepoLink))
+ commit.CommitMessage = commit.CommitMessage
diff, err := models.GetDiffCommit(models.RepoPath(userName, repoName),
commitId, setting.Git.MaxGitDiffLines)
if err != nil {
diff --git a/routers/repo/view.go b/routers/repo/view.go
index 606a0da637..cb689df6a0 100644
--- a/routers/repo/view.go
+++ b/routers/repo/view.go
@@ -156,9 +156,9 @@ func Home(ctx *middleware.Context) {
for _, f := range files {
switch c := f[1].(type) {
case *git.Commit:
- c.CommitMessage = string(base.RenderIssueIndexPattern([]byte(c.CommitMessage), ctx.Repo.RepoLink))
+ c.CommitMessage = c.CommitMessage
case *git.SubModuleFile:
- c.CommitMessage = string(base.RenderIssueIndexPattern([]byte(c.CommitMessage), ctx.Repo.RepoLink))
+ c.CommitMessage = c.CommitMessage
}
}
ctx.Data["Files"] = files
diff --git a/templates/.VERSION b/templates/.VERSION
index 36f8bef5b7..1674af9a21 100644
--- a/templates/.VERSION
+++ b/templates/.VERSION
@@ -1 +1 @@
-0.5.12.0120 Beta \ No newline at end of file
+0.5.12.0130 Beta \ No newline at end of file
diff --git a/templates/repo/commits_table.tmpl b/templates/repo/commits_table.tmpl
index bd3777b46e..4c8141ab17 100644
--- a/templates/repo/commits_table.tmpl
+++ b/templates/repo/commits_table.tmpl
@@ -32,7 +32,7 @@
{{end}}
</td>
<td class="sha"><a rel="nofollow" class="label label-green" href="{{AppSubUrl}}/{{$username}}/{{$reponame}}/commit/{{.Id}} ">{{SubStr .Id.String 0 10}} </a></td>
- <td class="message"><span class="text-truncate">{{Str2html .Summary}}</span></td>
+ <td class="message"><span class="text-truncate">{{RenderCommitMessage .Summary $.RepoLink}}</span></td>
<td class="date">{{TimeSince .Author.When $.Lang}}</td>
</tr>
{{end}}
diff --git a/templates/repo/diff.tmpl b/templates/repo/diff.tmpl
index 225175e8d1..8045351600 100644
--- a/templates/repo/diff.tmpl
+++ b/templates/repo/diff.tmpl
@@ -17,7 +17,7 @@
<div class="panel panel-info panel-radius diff-head-box">
<div class="panel-header">
<a class="pull-right btn btn-blue btn-header btn-medium btn-radius" rel="nofollow" href="{{.SourcePath}}">{{.i18n.Tr "repo.diff.browse_source"}}</a>
- <h4 class="commit-message">{{Str2html .Commit.Message}}</h4>
+ <h4 class="commit-message">{{RenderCommitMessage .Commit.Message $.RepoLink}}</h4>
</div>
<div class="panel-body">
<span class="pull-right">
diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl
index fed91effa7..7bb9ffef7f 100644
--- a/templates/repo/view_list.tmpl
+++ b/templates/repo/view_list.tmpl
@@ -53,7 +53,7 @@
<a rel="nofollow" class="label label-green" href="{{AppSubUrl}}/{{$.Username}}/{{$.Reponame}}/commit/{{$commit.Id}} ">{{SubStr $commit.Id.String 0 10}} </a>
</td>
<td class="message">
- <span class="text-truncate">{{Str2html $commit.Summary}}</span>
+ <span class="text-truncate">{{RenderCommitMessage $commit.Summary $.RepoLink}}</span>
</td>
<td class="age">{{TimeSince $commit.Committer.When $.Lang}}</td>
</tr>