aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-04-20 22:07:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: add html escaping

Browse Source
This commit is contained in:
Steven 2023-12-17 23:37:19 +08:00
parent fb7fc2443f
commit 997b057a21
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server/embed_frontend.go
View File

@ -3,6 +3,7 @@ package server
import ( import (
"embed" "embed"
"fmt" "fmt"
"html/template"
"io/fs" "io/fs"
"net/http" "net/http"
"strings" "strings"
@ -142,18 +143,18 @@ Sitemap: %s/sitemap.xml`, instanceURL, instanceURL)
func generateShortcutMetadata(shortcut *storepb.Shortcut) string { func generateShortcutMetadata(shortcut *storepb.Shortcut) string {
metadataList := []string{ metadataList := []string{
fmt.Sprintf(`<title>%s</title>`, shortcut.OgMetadata.Title), fmt.Sprintf(`<title>%s</title>`, template.HTMLEscapeString(shortcut.OgMetadata.Title)),
fmt.Sprintf(`<meta name="description" content="%s" />`, shortcut.OgMetadata.Description), fmt.Sprintf(`<meta name="description" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Description)),
fmt.Sprintf(`<meta property="og:title" content="%s" />`, shortcut.OgMetadata.Title), fmt.Sprintf(`<meta property="og:title" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Title)),
fmt.Sprintf(`<meta property="og:description" content="%s" />`, shortcut.OgMetadata.Description), fmt.Sprintf(`<meta property="og:description" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Description)),
fmt.Sprintf(`<meta property="og:image" content="%s" />`, shortcut.OgMetadata.Image), fmt.Sprintf(`<meta property="og:image" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Image)),
`<meta property="og:type" content="website" />`, `<meta property="og:type" content="website" />`,
// Twitter related metadata. // Twitter related metadata.
fmt.Sprintf(`<meta name="twitter:title" content="%s" />`, shortcut.OgMetadata.Title), fmt.Sprintf(`<meta name="twitter:title" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Title)),
fmt.Sprintf(`<meta name="twitter:description" content="%s" />`, shortcut.OgMetadata.Description), fmt.Sprintf(`<meta name="twitter:description" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Description)),
fmt.Sprintf(`<meta name="twitter:image" content="%s" />`, shortcut.OgMetadata.Image), fmt.Sprintf(`<meta name="twitter:image" content="%s" />`, template.HTMLEscapeString(shortcut.OgMetadata.Image)),
`<meta name="twitter:card" content="summary_large_image" />`, `<meta name="twitter:card" content="summary_large_image" />`,
fmt.Sprintf(`<meta property="og:url" content="%s" />`, shortcut.Link), fmt.Sprintf(`<meta property="og:url" content="%s" />`, template.HTMLEscapeString(shortcut.Link)),
} }
return strings.Join(metadataList, "\n") return strings.Join(metadataList, "\n")
} }