asonix/hyaenidae
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Server: render sanitized strings as plain html

Browse source 
- Use source fields for text inputs
This commit is contained in:
asonix 2021-01-27 20:59:58 -06:00
parent b9a66c1923
commit 8d0d07a299
21 changed files with 60 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
server/src/comments/mod.rs
View file

@ -430,7 +430,7 @@ async fn edit_page(
return Ok(crate::to_404());
}
let body = comment.body().to_owned();
let body = comment.body_source().unwrap_or(comment.body()).to_owned();
let view = match prepare_view(comment, Some(&profile), &nav_state, &state).await? {
Some(v) => v.value(&body),
None => return Ok(crate::to_404()),
@ -490,7 +490,7 @@ async fn update_comment(
}
};
let body = comment.body().to_owned();
let body = comment.body_source().unwrap_or(comment.body()).to_owned();
let view = match prepare_view(comment, Some(&profile), &nav_state, &state).await? {
Some(v) => v.value(&body).error_opt(Some(error)),
None => return Ok(crate::to_404()),

2
server/src/main.rs
View file

@ -47,7 +47,7 @@ async fn main() -> anyhow::Result<()> {
if std::env::var("RUST_LOG").is_err() {
if config.debug {
std::env::set_var("RUST_LOG", "hyaenidae_profiles=debug,hyaenidae_accounts=debug,hyaenidae_toolkit=debug,hyaenidae_server=debug,info");
std::env::set_var("RUST_LOG", "hyaenidae_content=debug,hyaenidae_profiles=debug,hyaenidae_accounts=debug,hyaenidae_toolkit=debug,hyaenidae_server=debug,info");
} else {
std::env::set_var("RUST_LOG", "info");
}

4
server/src/profiles/state.rs
View file

@ -298,7 +298,7 @@ impl EditProfileState {
.placeholder("Display Name")
.dark(dark);
let input = if let Some(text) = &self.profile.display_name() {
let input = if let Some(text) = &self.profile.display_name_source() {
input.value(text)
} else {
input
@ -324,7 +324,7 @@ impl EditProfileState {
.textarea()
.dark(dark);
let input = if let Some(text) = &self.profile.description_text() {
let input = if let Some(text) = &self.profile.description_source() {
input.value(text)
} else {
input

5
server/src/submissions.rs
View file

@ -277,9 +277,10 @@ pub struct SubmissionState {
impl SubmissionState {
async fn new(submission: Submission, dark: bool, state: &State) -> Result<Self, Error> {
let title = title_input(dark).value(submission.title());
let title =
title_input(dark).value(submission.title_source().unwrap_or(submission.title()));
let description = if let Some(text) = submission.description() {
let description = if let Some(text) = submission.description_source() {
description_input(dark).value(text)
} else {
description_input(dark)

9
server/templates/admin/comment_box.rs.html
View file

@ -1,6 +1,7 @@
@use crate::extensions::ProfileExt;
@use crate::views::OwnedProfileView;
@use hyaenidae_profiles::store::Comment;
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::{templates::link, Link};
@use hyaenidae_toolkit::templates::icon;
@use hyaenidae_toolkit::templates::ago;
@ -16,7 +17,7 @@
@if let Some(name) = view.profile.display_name() {
<div class="profile-box--meta--display">
@:link(&Link::current_tab(&view.profile.view_path()).plain(true), {
@name
@Html(&name)
})
</div>
}
@ -31,7 +32,11 @@
</div>
</div>
</div>
<div class="profile-box--body">@comment.body()</div>
<div class="profile-box--body">
@:bbcode({
@Html(comment.body())
})
</div>
</div>
</div>

12
server/templates/admin/index.rs.html
View file

@ -36,7 +36,7 @@
reported
@:link(&Link::new_tab(&profile.view_path()).plain(true), {
@profile.name()
@Html(profile.name())
})
})
}
@ -44,12 +44,12 @@
@:reporter(reports_view, report, {
reported
@:link(&Link::new_tab(&submission.author_path()).plain(true), {
@submission.author_name()'s
@Html(submission.author_name())'s
})
submission:
@:link(&Link::new_tab(&submission.view_path()).plain(true), {
@submission.title()
@Html(submission.title())
})
})
}
@ -57,12 +57,12 @@
@:reporter(reports_view, report, {
reported
@:link(&Link::new_tab(&comment.author_path()).plain(true), {
@comment.author_name()'s
@Html(comment.author_name())'s
})
comment:
@:link(&Link::new_tab(&comment.view_path()).plain(true), {
@comment.body()
@Html(comment.body())
})
})
}
@ -70,7 +70,7 @@
@if let Some(note) = report.note() {
<div class="report-description text-section">
<h4>Note:</h4>
<p>@note</p>
<p>@Html(note)</p>
</div>
}
<div class="button-section report-actions">

4
server/templates/admin/report.rs.html
View file

@ -30,14 +30,14 @@
@:card_body({
Reported by
@:link(&Link::new_tab(&author.view_path()).plain(true), {
@author.name()
@Html(author.name())
})
})
}
@if let Some(note) = view.note() {
@:card_body({
<h4>Report Content</h4>
<p>@note</p>
<p>@Html(note)</p>
})
}
})

2
server/templates/admin/reporter.rs.html
View file

@ -7,7 +7,7 @@
<div class="report-author">
@if let Some(author) = view.reporter_profile(report) {
@:link(&Link::new_tab(&author.view_path()).plain(true), {
@author.name()
@Html(author.name())
})
}

7
server/templates/admin/server_box.rs.html
View file

@ -1,4 +1,5 @@
@use hyaenidae_profiles::store::Server;
@use hyaenidae_toolkit::templates::bbcode;
@(server: &Server, body: Content)
@ -8,12 +9,14 @@
@server.domain()
-
@if let Some(title) = server.title() {
@title
@Html(title)
}
</div>
@if let Some(description) = server.description() {
<div class="server-description">
@description
@:bbcode({
@Html(description)
})
</div>
}
@:body()

7
server/templates/admin/submission_box.rs.html
View file

@ -1,5 +1,6 @@
@use crate::extensions::{SubmissionExt, ProfileExt};
@use crate::views::{OwnedProfileView, OwnedSubmissionView};
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::templates::{card_body, card_section};
@use hyaenidae_toolkit::{templates::link, Link};
@use hyaenidae_toolkit::templates::icon;
@ -18,7 +19,7 @@
@if let Some(name) = pro_view.profile.display_name() {
<div class="profile-box--meta--display">
@:link(&Link::current_tab(&pro_view.profile.view_path()).plain(true), {
@name
@Html(name)
})
</div>
}
@ -38,7 +39,9 @@
<div class="profile-box--body">
<h3>@sub_view.submission.title_text()</h3>
@if let Some(description) = sub_view.submission.description_text() {
<p>@description</p>
@:bbcode({
@Html(description)
})
}
</div>
</div>

5
server/templates/comments/nodes.rs.html
View file

@ -1,5 +1,6 @@
@use crate::comments::{Cache, CommentNode};
@use crate::templates::comments::{nodes, profile_box};
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::templates::link;
@use hyaenidae_toolkit::templates::{nested_children, nested_node};
@ -29,7 +30,9 @@
}
</div>
}, {
@comment.body()
@:bbcode({
@Html(comment.body())
})
})
})
}

4
server/templates/comments/profile_box.rs.html
View file

@ -17,7 +17,7 @@
@if let Some(name) = view.profile.display_name() {
<div class="profile-box--meta--display">
@:link(&Link::current_tab(&view.profile.view_path()).plain(true), {
@name
@Html(name)
})
</div>
}
@ -34,7 +34,7 @@
@if let Some(l) = parent.view_link(cache) {
@if let Some(name) = parent.name(cache) {
@:link(&l, {
Replying to @name
Replying to @Html(name)
})
}
}

5
server/templates/comments/public.rs.html
View file

@ -4,6 +4,7 @@
@use crate::templates::button_js;
@use crate::templates::layouts::home;
@use crate::templates::comments::{nodes, profile_box};
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::{templates::button_group, Button};
@use hyaenidae_toolkit::{templates::{card, card_title, card_body}, Card};
@use hyaenidae_toolkit::templates::link;
@ -29,7 +30,9 @@
}
}, {
<div class="comment-text">
@comment.body()
@:bbcode({
@Html(comment.body())
})
</div>
})
</div>

5
server/templates/comments/report.rs.html
View file

@ -4,6 +4,7 @@
@use crate::templates::button_js;
@use crate::templates::layouts::home;
@use crate::templates::comments::profile_box;
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::{templates::button_group, Button};
@use hyaenidae_toolkit::{templates::{card, card_title, card_body}, Card};
@use hyaenidae_toolkit::templates::text_input;
@ -20,7 +21,9 @@
<div class="comment-body">
@:profile_box(&view.author(), view.comment.published(), &view.parent(), &view.cache, nav_state.dark(), {}, {
<div class="comment-text">
@view.comment.body()
@:bbcode({
@view.comment.body()
})
</div>
})
</div>

2
server/templates/layouts/root.rs.html
View file

@ -9,7 +9,7 @@
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>@title</title>
<title>@Html(title)</title>
<link href="@toolkit_path(toolkit_css.name)" rel="stylesheet" type="text/css" />
<link href="@statics_path(layout_css.name)" rel="stylesheet" type="text/css" />
<meta property="og:title" content="@title" />

4
server/templates/notifications/index.rs.html
View file

@ -51,11 +51,11 @@
@for c in view.comments() {
@:card_body({
@:link(&c.author_link(), {
@c.author_name()
@Html(c.author_name())
})
@if let Some(l) = c.submission_link() {
commented on your submission:
@:link(&l, { @c.submission_title() })
@:link(&l, { @Html(c.submission_title()) })
}
@if let Some(l) = c.reply_to_link() {
replied to your

2
server/templates/profiles/discover.rs.html
View file

@ -33,7 +33,7 @@
<div class="profile-result--display-name">
@if let Some(display_name) = pview.profile.display_name() {
@:link(&Link::current_tab(&pview.profile.view_path()).plain(true), {
@display_name
@Html(display_name)
})
}
</div>

2
server/templates/profiles/list.rs.html
View file

@ -28,7 +28,7 @@
<div class="profile-result--display-name">
@if let Some(display_name) = pview.profile.display_name() {
@:link(&Link::current_tab(&pview.profile.view_path()).plain(true), {
@display_name
@Html(display_name)
})
}
</div>

2
server/templates/submissions/profile_box.rs.html
View file

@ -15,7 +15,7 @@
@if let Some(name) = view.profile.display_name() {
<div class="profile-box--meta--display">
@:link(&Link::current_tab(&view.profile.view_path()).plain(true), {
@name
@Html(name)
})
</div>
}

7
server/templates/submissions/public.rs.html
View file

@ -5,6 +5,7 @@
@use crate::templates::layouts::home;
@use crate::templates::comments::nodes;
@use crate::templates::submissions::profile_box;
@use hyaenidae_toolkit::templates::bbcode;
@use hyaenidae_toolkit::{templates::button_group, Button};
@use hyaenidae_toolkit::{templates::{card, card_body, card_section, card_spacer, card_title}, Card};
@use hyaenidae_toolkit::templates::image;
@ -19,7 +20,7 @@
}, {
@:card(&Card::full_width().dark(nav_state.dark()), {
@:card_title({
@view.submission.title_text()
@Html(view.submission.title_text())
})
@:card_section({
@if let Some(img) = view.image() {
@ -48,7 +49,9 @@
@:card_body({
@:profile_box(&view.poster(), view.submission.published(), nav_state.dark(), {
@if let Some(description) = view.submission.description_text() {
@description
@:bbcode({
@Html(description)
})
}
})
})

2
server/templates/submissions/report.rs.html
View file

@ -15,7 +15,7 @@
}, {
@:card(&Card::full_width().dark(nav_state.dark()), {
@:card_title({
Report @view.submission.title()
Report @Html(view.submission.title())
})
@:submission_box(&view.submission(), &view.author(), nav_state.dark())
})