Prevent incorrect HTML escaping in swagger.json (#14957)

* Prevent incorrect HTML escaping in swagger.json Fix #14706 Signed-off-by: Andrew Thornton <art27@cantab.net> * oops add it to the helper Signed-off-by: Andrew Thornton <art27@cantab.net> * try again Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
author: zeripath <art27@cantab.net> 2021-03-12 04:43:04 +0000
committer: GitHub <noreply@github.com> 2021-03-11 23:43:04 -0500
commit: 91ee3be58868eca4cf678932535dd721d591e06e (patch)
tree: 9720f69e69d633354d80d432112256fd01385ff5 /modules/templates
parent: df76d9f7ad0bf2f54e3d09d3238d77049226d693 (diff)
download: gitea-91ee3be58868eca4cf678932535dd721d591e06e.tar.gz
gitea-91ee3be58868eca4cf678932535dd721d591e06e.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index ab66cc7282..7e33f26209 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -92,6 +92,7 @@ func NewFuncMap() []template.FuncMap {
 		},
 		"Safe":          Safe,
 		"SafeJS":        SafeJS,
+		"JSEscape":      JSEscape,
 		"Str2html":      Str2html,
 		"TimeSince":     timeutil.TimeSince,
 		"TimeSinceUnix": timeutil.TimeSinceUnix,
@@ -629,6 +630,11 @@ func Escape(raw string) string {
 	return html.EscapeString(raw)
 }
 
+// JSEscape escapes a JS string
+func JSEscape(raw string) string {
+	return template.JSEscapeString(raw)
+}
+
 // List traversings the list
 func List(l *list.List) chan interface{} {
 	e := l.Front()
author	zeripath <art27@cantab.net>	2021-03-12 04:43:04 +0000
committer	GitHub <noreply@github.com>	2021-03-11 23:43:04 -0500
commit	91ee3be58868eca4cf678932535dd721d591e06e (patch)
tree	9720f69e69d633354d80d432112256fd01385ff5 /modules/templates
parent	df76d9f7ad0bf2f54e3d09d3238d77049226d693 (diff)
download	gitea-91ee3be58868eca4cf678932535dd721d591e06e.tar.gz gitea-91ee3be58868eca4cf678932535dd721d591e06e.zip