* Prevent incorrect HTML escaping in swagger.json Fix #14706 Signed-off-by: Andrew Thornton <art27@cantab.net> * oops add it to the helper Signed-off-by: Andrew Thornton <art27@cantab.net> * try again Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>tags/v1.15.0-dev
#To update swagger use: GO111MODULE=on go get -u github.com/go-swagger/go-swagger/cmd/swagger | #To update swagger use: GO111MODULE=on go get -u github.com/go-swagger/go-swagger/cmd/swagger | ||||
SWAGGER := $(GO) run -mod=vendor github.com/go-swagger/go-swagger/cmd/swagger | SWAGGER := $(GO) run -mod=vendor github.com/go-swagger/go-swagger/cmd/swagger | ||||
SWAGGER_SPEC := templates/swagger/v1_json.tmpl | SWAGGER_SPEC := templates/swagger/v1_json.tmpl | ||||
SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl}}/api/v1"|g | |||||
SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl}}/api/v1"|"basePath": "/api/v1"|g | |||||
SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl \| JSEscape \| Safe}}/api/v1"|g | |||||
SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl \| JSEscape \| Safe}}/api/v1"|"basePath": "/api/v1"|g | |||||
SWAGGER_EXCLUDE := code.gitea.io/sdk | SWAGGER_EXCLUDE := code.gitea.io/sdk | ||||
SWAGGER_NEWLINE_COMMAND := -e '$$a\' | SWAGGER_NEWLINE_COMMAND := -e '$$a\' | ||||
}, | }, | ||||
"Safe": Safe, | "Safe": Safe, | ||||
"SafeJS": SafeJS, | "SafeJS": SafeJS, | ||||
"JSEscape": JSEscape, | |||||
"Str2html": Str2html, | "Str2html": Str2html, | ||||
"TimeSince": timeutil.TimeSince, | "TimeSince": timeutil.TimeSince, | ||||
"TimeSinceUnix": timeutil.TimeSinceUnix, | "TimeSinceUnix": timeutil.TimeSinceUnix, | ||||
return html.EscapeString(raw) | return html.EscapeString(raw) | ||||
} | } | ||||
// JSEscape escapes a JS string | |||||
func JSEscape(raw string) string { | |||||
return template.JSEscapeString(raw) | |||||
} | |||||
// List traversings the list | // List traversings the list | ||||
func List(l *list.List) chan interface{} { | func List(l *list.List) chan interface{} { | ||||
e := l.Front() | e := l.Front() |
// | // | ||||
// Schemes: http, https | // Schemes: http, https | ||||
// BasePath: /api/v1 | // BasePath: /api/v1 | ||||
// Version: {{AppVer}} | |||||
// Version: {{AppVer | JSEscape | Safe}} | |||||
// License: MIT http://opensource.org/licenses/MIT | // License: MIT http://opensource.org/licenses/MIT | ||||
// | // | ||||
// Consumes: | // Consumes: |
"name": "MIT", | "name": "MIT", | ||||
"url": "http://opensource.org/licenses/MIT" | "url": "http://opensource.org/licenses/MIT" | ||||
}, | }, | ||||
"version": "{{AppVer}}" | |||||
"version": "{{AppVer | JSEscape | Safe}}" | |||||
}, | }, | ||||
"basePath": "{{AppSubUrl}}/api/v1", | |||||
"basePath": "{{AppSubUrl | JSEscape | Safe}}/api/v1", | |||||
"paths": { | "paths": { | ||||
"/admin/cron": { | "/admin/cron": { | ||||
"get": { | "get": { |