Improve QueryEscape helper function (#29768)

Make it return "template.URL" to follow Golang template's context
auto-escaping.

(cherry picked from commit 3e94ac5c7c6751919453fdb66ba3472e2793759e)
This commit is contained in:
wxiaoguang 2024-03-13 21:32:30 +08:00 committed by Earl Warren
parent 3bd42e5879
commit 5bb08e2bd7
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00

View file

@ -38,7 +38,7 @@ func NewFuncMap() template.FuncMap {
"SafeHTML": SafeHTML,
"HTMLFormat": HTMLFormat,
"HTMLEscape": HTMLEscape,
"QueryEscape": url.QueryEscape,
"QueryEscape": QueryEscape,
"JSEscape": JSEscapeSafe,
"SanitizeHTML": SanitizeHTML,
"URLJoin": util.URLJoin,
@ -229,6 +229,10 @@ func JSEscapeSafe(s string) template.HTML {
return template.HTML(template.JSEscapeString(s))
}
func QueryEscape(s string) template.URL {
return template.URL(url.QueryEscape(s))
}
// DotEscape wraps a dots in names with ZWJ [U+200D] in order to prevent autolinkers from detecting these as urls
func DotEscape(raw string) string {
return strings.ReplaceAll(raw, ".", "\u200d.\u200d")