Refactor HTTP request context (#17979)

20 files changed, 63 insertions, 65 deletions

diff --git a/routers/api/v1/repo/commits.go b/routers/api/v1/repo/commits.go
index 117fef08da..6845ccb363 100644
--- a/routers/api/v1/repo/commits.go
+++ b/routers/api/v1/repo/commits.go
@@ -205,11 +205,11 @@ func GetAllCommits(ctx *context.APIContext) {
 	ctx.SetTotalCountHeader(commitsCountTotal)
 
 	// kept for backwards compatibility
-	ctx.Header().Set("X-Page", strconv.Itoa(listOptions.Page))
-	ctx.Header().Set("X-PerPage", strconv.Itoa(listOptions.PageSize))
-	ctx.Header().Set("X-Total", strconv.FormatInt(commitsCountTotal, 10))
-	ctx.Header().Set("X-PageCount", strconv.Itoa(pageCount))
-	ctx.Header().Set("X-HasMore", strconv.FormatBool(listOptions.Page < pageCount))
+	ctx.RespHeader().Set("X-Page", strconv.Itoa(listOptions.Page))
+	ctx.RespHeader().Set("X-PerPage", strconv.Itoa(listOptions.PageSize))
+	ctx.RespHeader().Set("X-Total", strconv.FormatInt(commitsCountTotal, 10))
+	ctx.RespHeader().Set("X-PageCount", strconv.Itoa(pageCount))
+	ctx.RespHeader().Set("X-HasMore", strconv.FormatBool(listOptions.Page < pageCount))
 	ctx.AppendAccessControlExposeHeaders("X-Page", "X-PerPage", "X-Total", "X-PageCount", "X-HasMore")
 
 	ctx.JSON(http.StatusOK, &apiCommits)
diff --git a/routers/api/v1/repo/pull.go b/routers/api/v1/repo/pull.go
index 0683fe4548..4c774e8af7 100644
--- a/routers/api/v1/repo/pull.go
+++ b/routers/api/v1/repo/pull.go
@@ -1233,10 +1233,10 @@ func GetPullRequestCommits(ctx *context.APIContext) {
 	ctx.SetLinkHeader(totalNumberOfCommits, listOptions.PageSize)
 	ctx.SetTotalCountHeader(int64(totalNumberOfCommits))
 
-	ctx.Header().Set("X-Page", strconv.Itoa(listOptions.Page))
-	ctx.Header().Set("X-PerPage", strconv.Itoa(listOptions.PageSize))
-	ctx.Header().Set("X-PageCount", strconv.Itoa(totalNumberOfPages))
-	ctx.Header().Set("X-HasMore", strconv.FormatBool(listOptions.Page < totalNumberOfPages))
+	ctx.RespHeader().Set("X-Page", strconv.Itoa(listOptions.Page))
+	ctx.RespHeader().Set("X-PerPage", strconv.Itoa(listOptions.PageSize))
+	ctx.RespHeader().Set("X-PageCount", strconv.Itoa(totalNumberOfPages))
+	ctx.RespHeader().Set("X-HasMore", strconv.FormatBool(listOptions.Page < totalNumberOfPages))
 	ctx.AppendAccessControlExposeHeaders("X-Page", "X-PerPage", "X-PageCount", "X-HasMore")
 
 	ctx.JSON(http.StatusOK, &apiCommits)
diff --git a/routers/api/v1/user/gpg_key.go b/routers/api/v1/user/gpg_key.go
index b0f9f1feb3..a90e8c30f0 100644
--- a/routers/api/v1/user/gpg_key.go
+++ b/routers/api/v1/user/gpg_key.go
@@ -157,7 +157,7 @@ func GetVerificationToken(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	token := asymkey_model.VerificationToken(ctx.User, 1)
-	ctx.PlainText(http.StatusOK, []byte(token))
+	ctx.PlainText(http.StatusOK, token)
 }
 
 // VerifyUserGPGKey creates new GPG key to given user by ID.
diff --git a/routers/install/install.go b/routers/install/install.go
index 45804acf3b..7c3d43bbde 100644
--- a/routers/install/install.go
+++ b/routers/install/install.go
@@ -80,9 +80,7 @@ func Init(next http.Handler) http.Handler {
 				"AllLangs":      translation.AllLangs(),
 				"CurrentURL":    setting.AppSubURL + req.URL.RequestURI(),
 				"PageStartTime": startTime,
-				"TmplLoadTimes": func() string {
-					return time.Since(startTime).String()
-				},
+
 				"PasswordHashAlgorithms": user_model.AvailableHashAlgorithms,
 			},
 		}
@@ -554,7 +552,7 @@ func SubmitInstall(ctx *context.Context) {
 
 	ctx.Flash.Success(ctx.Tr("install.install_success"))
 
-	ctx.Header().Add("Refresh", "1; url="+setting.AppURL+"user/login")
+	ctx.RespHeader().Add("Refresh", "1; url="+setting.AppURL+"user/login")
 	ctx.HTML(http.StatusOK, tplPostInstall)
 
 	// Now get the http.Server from this request and shut it down
diff --git a/routers/private/default_branch.go b/routers/private/default_branch.go
index 974534c219..5fdd0df735 100644
--- a/routers/private/default_branch.go
+++ b/routers/private/default_branch.go
@@ -71,5 +71,5 @@ func SetDefaultBranch(ctx *gitea_context.PrivateContext) {
 		})
 		return
 	}
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
diff --git a/routers/private/hook_pre_receive.go b/routers/private/hook_pre_receive.go
index 17ccf010ae..7ad719155c 100644
--- a/routers/private/hook_pre_receive.go
+++ b/routers/private/hook_pre_receive.go
@@ -134,7 +134,7 @@ func HookPreReceive(ctx *gitea_context.PrivateContext) {
 		}
 	}
 
-	ctx.PlainText(http.StatusOK, []byte("ok"))
+	ctx.PlainText(http.StatusOK, "ok")
 }
 
 func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID, refFullName string) {
diff --git a/routers/private/key.go b/routers/private/key.go
index 30fde73c8a..3366b764e6 100644
--- a/routers/private/key.go
+++ b/routers/private/key.go
@@ -28,7 +28,7 @@ func UpdatePublicKeyInRepo(ctx *context.PrivateContext) {
 	deployKey, err := asymkey_model.GetDeployKeyByRepo(keyID, repoID)
 	if err != nil {
 		if asymkey_model.IsErrDeployKeyNotExist(err) {
-			ctx.PlainText(http.StatusOK, []byte("success"))
+			ctx.PlainText(http.StatusOK, "success")
 			return
 		}
 		ctx.JSON(http.StatusInternalServerError, private.Response{
@@ -44,7 +44,7 @@ func UpdatePublicKeyInRepo(ctx *context.PrivateContext) {
 		return
 	}
 
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
 
 // AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
@@ -59,5 +59,5 @@ func AuthorizedPublicKeyByContent(ctx *context.PrivateContext) {
 		})
 		return
 	}
-	ctx.PlainText(http.StatusOK, []byte(publicKey.AuthorizedString()))
+	ctx.PlainText(http.StatusOK, publicKey.AuthorizedString())
 }
diff --git a/routers/private/mail.go b/routers/private/mail.go
index 5218cd34a1..8b69c38093 100644
--- a/routers/private/mail.go
+++ b/routers/private/mail.go
@@ -86,5 +86,5 @@ func sendEmail(ctx *context.PrivateContext, subject, message string, to []string
 
 	wasSent := strconv.Itoa(len(to))
 
-	ctx.PlainText(http.StatusOK, []byte(wasSent))
+	ctx.PlainText(http.StatusOK, wasSent)
 }
diff --git a/routers/private/manager.go b/routers/private/manager.go
index 2b4cfb8ef4..a3b9a16f79 100644
--- a/routers/private/manager.go
+++ b/routers/private/manager.go
@@ -41,19 +41,19 @@ func FlushQueues(ctx *context.PrivateContext) {
 			Err: fmt.Sprintf("%v", err),
 		})
 	}
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
 
 // PauseLogging pauses logging
 func PauseLogging(ctx *context.PrivateContext) {
 	log.Pause()
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
 
 // ResumeLogging resumes logging
 func ResumeLogging(ctx *context.PrivateContext) {
 	log.Resume()
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
 
 // ReleaseReopenLogging releases and reopens logging files
@@ -64,7 +64,7 @@ func ReleaseReopenLogging(ctx *context.PrivateContext) {
 		})
 		return
 	}
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
 
 // RemoveLogger removes a logger
@@ -81,7 +81,7 @@ func RemoveLogger(ctx *context.PrivateContext) {
 	if ok {
 		setting.RemoveSubLogDescription(group, name)
 	}
-	ctx.PlainText(http.StatusOK, []byte(fmt.Sprintf("Removed %s %s", group, name)))
+	ctx.PlainText(http.StatusOK, fmt.Sprintf("Removed %s %s", group, name))
 }
 
 // AddLogger adds a logger
@@ -154,5 +154,5 @@ func AddLogger(ctx *context.PrivateContext) {
 		Config:   config,
 	})
 
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
diff --git a/routers/private/manager_unix.go b/routers/private/manager_unix.go
index 1738c06a05..f00f202207 100644
--- a/routers/private/manager_unix.go
+++ b/routers/private/manager_unix.go
@@ -17,12 +17,12 @@ import (
 // Restart causes the server to perform a graceful restart
 func Restart(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulRestart()
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 
 }
 
 // Shutdown causes the server to perform a graceful shutdown
 func Shutdown(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulShutdown()
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
diff --git a/routers/private/manager_windows.go b/routers/private/manager_windows.go
index a8a477313f..014018a539 100644
--- a/routers/private/manager_windows.go
+++ b/routers/private/manager_windows.go
@@ -25,5 +25,5 @@ func Restart(ctx *context.PrivateContext) {
 // Shutdown causes the server to perform a graceful shutdown
 func Shutdown(ctx *context.PrivateContext) {
 	graceful.GetManager().DoGracefulShutdown()
-	ctx.PlainText(http.StatusOK, []byte("success"))
+	ctx.PlainText(http.StatusOK, "success")
 }
diff --git a/routers/web/goget.go b/routers/web/goget.go
index 6898f0f432..2843a96c30 100644
--- a/routers/web/goget.go
+++ b/routers/web/goget.go
@@ -65,7 +65,7 @@ func goGet(ctx *context.Context) {
 	if appURL.Scheme == string(setting.HTTP) {
 		insecure = "--insecure "
 	}
-	ctx.Header().Set("Content-Type", "text/html")
+	ctx.RespHeader().Set("Content-Type", "text/html")
 	ctx.Status(http.StatusOK)
 	_, _ = ctx.Write([]byte(com.Expand(`<!doctype html>
 <html>
diff --git a/routers/web/repo/branch.go b/routers/web/repo/branch.go
index d8f7b7ef2f..9247202086 100644
--- a/routers/web/repo/branch.go
+++ b/routers/web/repo/branch.go
@@ -379,7 +379,7 @@ func CreateBranch(ctx *context.Context) {
 			if len(e.Message) == 0 {
 				ctx.Flash.Error(ctx.Tr("repo.editor.push_rejected_no_message"))
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.editor.push_rejected"),
 					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(e.Message),
diff --git a/routers/web/repo/editor.go b/routers/web/repo/editor.go
index 97f097783a..ef2166d85c 100644
--- a/routers/web/repo/editor.go
+++ b/routers/web/repo/editor.go
@@ -307,7 +307,7 @@ func editFilePost(ctx *context.Context, form forms.EditRepoFileForm, isNewFile b
 			if len(errPushRej.Message) == 0 {
 				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplEditFile, &form)
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.editor.push_rejected"),
 					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
@@ -319,7 +319,7 @@ func editFilePost(ctx *context.Context, form forms.EditRepoFileForm, isNewFile b
 				ctx.RenderWithErr(flashError, tplEditFile, &form)
 			}
 		} else {
-			flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+			flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 				"Message": ctx.Tr("repo.editor.fail_to_update_file", form.TreePath),
 				"Summary": ctx.Tr("repo.editor.fail_to_update_file_summary"),
 				"Details": utils.SanitizeFlashErrorString(err.Error()),
@@ -376,7 +376,7 @@ func DiffPreviewPost(ctx *context.Context) {
 	}
 
 	if diff.NumFiles == 0 {
-		ctx.PlainText(200, []byte(ctx.Tr("repo.editor.no_changes_to_show")))
+		ctx.PlainText(http.StatusOK, ctx.Tr("repo.editor.no_changes_to_show"))
 		return
 	}
 	ctx.Data["File"] = diff.Files[0]
@@ -501,7 +501,7 @@ func DeleteFilePost(ctx *context.Context) {
 			if len(errPushRej.Message) == 0 {
 				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplDeleteFile, &form)
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.editor.push_rejected"),
 					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
@@ -704,7 +704,7 @@ func UploadFilePost(ctx *context.Context) {
 			if len(errPushRej.Message) == 0 {
 				ctx.RenderWithErr(ctx.Tr("repo.editor.push_rejected_no_message"), tplUploadFile, &form)
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.editor.push_rejected"),
 					"Summary": ctx.Tr("repo.editor.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(errPushRej.Message),
diff --git a/routers/web/repo/http.go b/routers/web/repo/http.go
index 107f1d960a..64e617dc4a 100644
--- a/routers/web/repo/http.go
+++ b/routers/web/repo/http.go
@@ -126,7 +126,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 		return
 	}
 	if !owner.IsOrganization() && !owner.IsActive {
-		ctx.HandleText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")
+		ctx.PlainText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")
 		return
 	}
 
@@ -147,7 +147,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 
 	// Don't allow pushing if the repo is archived
 	if repoExist && repo.IsArchived && !isPull {
-		ctx.HandleText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.")
+		ctx.PlainText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.")
 		return
 	}
 
@@ -182,7 +182,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 			_, err = login.GetTwoFactorByUID(ctx.User.ID)
 			if err == nil {
 				// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented
-				ctx.HandleText(http.StatusUnauthorized, "Users with two-factor authentication enabled cannot perform HTTP/HTTPS operations via plain username and password. Please create and use a personal access token on the user settings page")
+				ctx.PlainText(http.StatusUnauthorized, "Users with two-factor authentication enabled cannot perform HTTP/HTTPS operations via plain username and password. Please create and use a personal access token on the user settings page")
 				return
 			} else if !login.IsErrTwoFactorNotEnrolled(err) {
 				ctx.ServerError("IsErrTwoFactorNotEnrolled", err)
@@ -191,7 +191,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 		}
 
 		if !ctx.User.IsActive || ctx.User.ProhibitLogin {
-			ctx.HandleText(http.StatusForbidden, "Your account is disabled.")
+			ctx.PlainText(http.StatusForbidden, "Your account is disabled.")
 			return
 		}
 
@@ -208,12 +208,12 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 			}
 
 			if !p.CanAccess(accessMode, unitType) {
-				ctx.HandleText(http.StatusForbidden, "User permission denied")
+				ctx.PlainText(http.StatusForbidden, "User permission denied")
 				return
 			}
 
 			if !isPull && repo.IsMirror {
-				ctx.HandleText(http.StatusForbidden, "mirror repository is read-only")
+				ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")
 				return
 			}
 		}
@@ -240,21 +240,21 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 
 	if !repoExist {
 		if !receivePack {
-			ctx.HandleText(http.StatusNotFound, "Repository not found")
+			ctx.PlainText(http.StatusNotFound, "Repository not found")
 			return
 		}
 
 		if isWiki { // you cannot send wiki operation before create the repository
-			ctx.HandleText(http.StatusNotFound, "Repository not found")
+			ctx.PlainText(http.StatusNotFound, "Repository not found")
 			return
 		}
 
 		if owner.IsOrganization() && !setting.Repository.EnablePushCreateOrg {
-			ctx.HandleText(http.StatusForbidden, "Push to create is not enabled for organizations.")
+			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for organizations.")
 			return
 		}
 		if !owner.IsOrganization() && !setting.Repository.EnablePushCreateUser {
-			ctx.HandleText(http.StatusForbidden, "Push to create is not enabled for users.")
+			ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for users.")
 			return
 		}
 
@@ -276,7 +276,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
 		// Ensure the wiki is enabled before we allow access to it
 		if _, err := repo.GetUnit(unit.TypeWiki); err != nil {
 			if repo_model.IsErrUnitTypeNotExist(err) {
-				ctx.HandleText(http.StatusForbidden, "repository wiki is disabled")
+				ctx.PlainText(http.StatusForbidden, "repository wiki is disabled")
 				return
 			}
 			log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err)
@@ -338,10 +338,10 @@ func dummyInfoRefs(ctx *context.Context) {
 		infoRefsCache = refs
 	})
 
-	ctx.Header().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")
-	ctx.Header().Set("Pragma", "no-cache")
-	ctx.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")
-	ctx.Header().Set("Content-Type", "application/x-git-receive-pack-advertisement")
+	ctx.RespHeader().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT")
+	ctx.RespHeader().Set("Pragma", "no-cache")
+	ctx.RespHeader().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")
+	ctx.RespHeader().Set("Content-Type", "application/x-git-receive-pack-advertisement")
 	_, _ = ctx.Write(packetWrite("# service=git-receive-pack\n"))
 	_, _ = ctx.Write([]byte("0000"))
 	_, _ = ctx.Write(infoRefsCache)
diff --git a/routers/web/repo/issue.go b/routers/web/repo/issue.go
index 464646a868..fe015145bd 100644
--- a/routers/web/repo/issue.go
+++ b/routers/web/repo/issue.go
@@ -2343,7 +2343,7 @@ func ChangeIssueReaction(ctx *context.Context) {
 		return
 	}
 
-	html, err := ctx.HTMLString(string(tplReactions), map[string]interface{}{
+	html, err := ctx.RenderToString(tplReactions, map[string]interface{}{
 		"ctx":       ctx.Data,
 		"ActionURL": fmt.Sprintf("%s/issues/%d/reactions", ctx.Repo.RepoLink, issue.Index),
 		"Reactions": issue.Reactions.GroupByType(),
@@ -2443,7 +2443,7 @@ func ChangeCommentReaction(ctx *context.Context) {
 		return
 	}
 
-	html, err := ctx.HTMLString(string(tplReactions), map[string]interface{}{
+	html, err := ctx.RenderToString(tplReactions, map[string]interface{}{
 		"ctx":       ctx.Data,
 		"ActionURL": fmt.Sprintf("%s/comments/%d/reactions", ctx.Repo.RepoLink, comment.ID),
 		"Reactions": comment.Reactions.GroupByType(),
@@ -2565,7 +2565,7 @@ func updateAttachments(item interface{}, files []string) error {
 }
 
 func attachmentsHTML(ctx *context.Context, attachments []*repo_model.Attachment, content string) string {
-	attachHTML, err := ctx.HTMLString(string(tplAttachment), map[string]interface{}{
+	attachHTML, err := ctx.RenderToString(tplAttachment, map[string]interface{}{
 		"ctx":         ctx.Data,
 		"Attachments": attachments,
 		"Content":     content,
diff --git a/routers/web/repo/pull.go b/routers/web/repo/pull.go
index f94424870a..9445c1a48b 100644
--- a/routers/web/repo/pull.go
+++ b/routers/web/repo/pull.go
@@ -771,7 +771,7 @@ func UpdatePullRequest(ctx *context.Context) {
 	if err = pull_service.Update(issue.PullRequest, ctx.User, message, rebase); err != nil {
 		if models.IsErrMergeConflicts(err) {
 			conflictError := err.(models.ErrMergeConflicts)
-			flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+			flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 				"Message": ctx.Tr("repo.pulls.merge_conflict"),
 				"Summary": ctx.Tr("repo.pulls.merge_conflict_summary"),
 				"Details": utils.SanitizeFlashErrorString(conflictError.StdErr) + "<br>" + utils.SanitizeFlashErrorString(conflictError.StdOut),
@@ -785,7 +785,7 @@ func UpdatePullRequest(ctx *context.Context) {
 			return
 		} else if models.IsErrRebaseConflicts(err) {
 			conflictError := err.(models.ErrRebaseConflicts)
-			flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+			flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 				"Message": ctx.Tr("repo.pulls.rebase_conflict", utils.SanitizeFlashErrorString(conflictError.CommitSHA)),
 				"Summary": ctx.Tr("repo.pulls.rebase_conflict_summary"),
 				"Details": utils.SanitizeFlashErrorString(conflictError.StdErr) + "<br>" + utils.SanitizeFlashErrorString(conflictError.StdOut),
@@ -940,7 +940,7 @@ func MergePullRequest(ctx *context.Context) {
 			return
 		} else if models.IsErrMergeConflicts(err) {
 			conflictError := err.(models.ErrMergeConflicts)
-			flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+			flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 				"Message": ctx.Tr("repo.editor.merge_conflict"),
 				"Summary": ctx.Tr("repo.editor.merge_conflict_summary"),
 				"Details": utils.SanitizeFlashErrorString(conflictError.StdErr) + "<br>" + utils.SanitizeFlashErrorString(conflictError.StdOut),
@@ -954,7 +954,7 @@ func MergePullRequest(ctx *context.Context) {
 			return
 		} else if models.IsErrRebaseConflicts(err) {
 			conflictError := err.(models.ErrRebaseConflicts)
-			flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+			flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 				"Message": ctx.Tr("repo.pulls.rebase_conflict", utils.SanitizeFlashErrorString(conflictError.CommitSHA)),
 				"Summary": ctx.Tr("repo.pulls.rebase_conflict_summary"),
 				"Details": utils.SanitizeFlashErrorString(conflictError.StdErr) + "<br>" + utils.SanitizeFlashErrorString(conflictError.StdOut),
@@ -983,7 +983,7 @@ func MergePullRequest(ctx *context.Context) {
 			if len(message) == 0 {
 				ctx.Flash.Error(ctx.Tr("repo.pulls.push_rejected_no_message"))
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.pulls.push_rejected"),
 					"Summary": ctx.Tr("repo.pulls.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(pushrejErr.Message),
@@ -1143,7 +1143,7 @@ func CompareAndPullRequestPost(ctx *context.Context) {
 			if len(message) == 0 {
 				ctx.Flash.Error(ctx.Tr("repo.pulls.push_rejected_no_message"))
 			} else {
-				flashError, err := ctx.HTMLString(string(tplAlertDetails), map[string]interface{}{
+				flashError, err := ctx.RenderToString(tplAlertDetails, map[string]interface{}{
 					"Message": ctx.Tr("repo.pulls.push_rejected"),
 					"Summary": ctx.Tr("repo.pulls.push_rejected_summary"),
 					"Details": utils.SanitizeFlashErrorString(pushrejErr.Message),
diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go
index 55a4b11007..178852d3fb 100644
--- a/routers/web/user/auth.go
+++ b/routers/web/user/auth.go
@@ -506,7 +506,7 @@ func U2FSign(ctx *context.Context) {
 			if redirect == "" {
 				redirect = setting.AppSubURL + "/"
 			}
-			ctx.PlainText(200, []byte(redirect))
+			ctx.PlainText(http.StatusOK, redirect)
 			return
 		}
 	}
diff --git a/routers/web/user/home.go b/routers/web/user/home.go
index bad621f91f..975262cf9c 100644
--- a/routers/web/user/home.go
+++ b/routers/web/user/home.go
@@ -839,7 +839,7 @@ func ShowSSHKeys(ctx *context.Context, uid int64) {
 		buf.WriteString(keys[i].OmitEmail())
 		buf.WriteString("\n")
 	}
-	ctx.PlainText(200, buf.Bytes())
+	ctx.PlainTextBytes(http.StatusOK, buf.Bytes())
 }
 
 // ShowGPGKeys output all the public GPG keys of user by uid
@@ -878,7 +878,7 @@ func ShowGPGKeys(ctx *context.Context, uid int64) {
 		}
 	}
 	writer.Close()
-	ctx.PlainText(200, buf.Bytes())
+	ctx.PlainTextBytes(http.StatusOK, buf.Bytes())
 }
 
 // Email2User show user page via email
diff --git a/routers/web/user/oauth.go b/routers/web/user/oauth.go
index d3baeaedc4..3795d4e5b8 100644
--- a/routers/web/user/oauth.go
+++ b/routers/web/user/oauth.go
@@ -251,7 +251,7 @@ type userInfoResponse struct {
 func InfoOAuth(ctx *context.Context) {
 	if ctx.User == nil || ctx.Data["AuthedMethod"] != (&auth.OAuth2{}).Name() {
 		ctx.Resp.Header().Set("WWW-Authenticate", `Bearer realm=""`)
-		ctx.HandleText(http.StatusUnauthorized, "no valid authorization")
+		ctx.PlainText(http.StatusUnauthorized, "no valid authorization")
 		return
 	}
 
@@ -301,7 +301,7 @@ func getOAuthGroupsForUser(user *user_model.User) ([]string, error) {
 func IntrospectOAuth(ctx *context.Context) {
 	if ctx.User == nil {
 		ctx.Resp.Header().Set("WWW-Authenticate", `Bearer realm=""`)
-		ctx.HandleText(http.StatusUnauthorized, "no valid authorization")
+		ctx.PlainText(http.StatusUnauthorized, "no valid authorization")
 		return
 	}