From 9031a7d5d50f303d5a7016cab7a40e7782ca7cdb Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Thu, 03 Apr 2025 16:02:30 +0800 Subject: [PATCH] HTTP: Make README rendering more composable --- readme_to_html.go | 67 +++++++++++++++++++++++++---------------------------- diff --git a/readme_to_html.go b/readme_to_html.go index 6d7bbbcd3a5bcd88ff6445ce8001c4f344468c3e..e0212e92dcbc0423819c8bac2adb96e8d03d2587 100644 --- a/readme_to_html.go +++ b/readme_to_html.go @@ -18,51 +18,46 @@ ) var markdownConverter = goldmark.New(goldmark.WithExtensions(extension.GFM)) +// escapeHTML just escapes a string and wraps it in [template.HTML]. +func escapeHTML(s string) template.HTML { + return template.HTML(html.EscapeString(s)) //#nosec G203 +} + // renderReadmeAtTree looks for README files in the supplied Git tree and // returns its filename and rendered (and sanitized) HTML. -func renderReadmeAtTree(tree *object.Tree) (readmeFilename string, readmeRenderedSafeHTML template.HTML) { - var readmeRenderedUnsafe bytes.Buffer - var readmeFile *object.File - var readmeFileContents string - var err error - - if readmeFile, err = tree.File("README"); err == nil { - if readmeFileContents, err = readmeFile.Contents(); err != nil { - return "Error fetching README", escapeHTML("Unable to fetch contents of README: " + err.Error()) +func renderReadmeAtTree(tree *object.Tree) (string, template.HTML) { + for _, name := range []string{"README", "README.md", "README.org"} { + file, err := tree.File(name) + if err != nil { + continue } - - return "README", template.HTML("
" + html.EscapeString(readmeFileContents) + "
") //#nosec G203 + contents, err := file.Contents() + if err != nil { + return "Error fetching README", escapeHTML("Unable to fetch contents of " + name + ": " + err.Error()) + } + return renderReadme([]byte(contents), name) } + return "", "" +} - if readmeFile, err = tree.File("README.md"); err == nil { - if readmeFileContents, err = readmeFile.Contents(); err != nil { - return "Error fetching README", escapeHTML("Unable to fetch contents of README: " + err.Error()) - } - - if err = markdownConverter.Convert(stringToBytes(readmeFileContents), &readmeRenderedUnsafe); err != nil { +// renderReadme renders and sanitizes README content from a byte slice and filename. +func renderReadme(data []byte, filename string) (string, template.HTML) { + switch strings.ToLower(filename) { + case "readme": + return "README", template.HTML("
" + html.EscapeString(string(data)) + "
") //#nosec G203 + case "readme.md": + var buf bytes.Buffer + if err := markdownConverter.Convert(data, &buf); err != nil { return "Error fetching README", escapeHTML("Unable to render README: " + err.Error()) } - - return "README.md", template.HTML(bluemonday.UGCPolicy().SanitizeBytes(readmeRenderedUnsafe.Bytes())) //#nosec G203 - } - - if readmeFile, err = tree.File("README.org"); err == nil { - if readmeFileContents, err = readmeFile.Contents(); err != nil { - return "Error fetching README", escapeHTML("Unable to fetch contents of README: " + err.Error()) - } - - orgHTML, err := org.New().Parse(strings.NewReader(readmeFileContents), readmeFilename).Write(org.NewHTMLWriter()) + return "README.md", template.HTML(bluemonday.UGCPolicy().SanitizeBytes(buf.Bytes())) //#nosec G203 + case "readme.org": + htmlStr, err := org.New().Parse(strings.NewReader(string(data)), filename).Write(org.NewHTMLWriter()) if err != nil { return "Error fetching README", escapeHTML("Unable to render README: " + err.Error()) } - - return "README.org", template.HTML(bluemonday.UGCPolicy().Sanitize(orgHTML)) //#nosec G203 + return "README.org", template.HTML(bluemonday.UGCPolicy().Sanitize(htmlStr)) //#nosec G203 + default: + return filename, template.HTML("
" + html.EscapeString(string(data)) + "
") //#nosec G203 } - - return "", "" -} - -// escapeHTML just escapes a string and wraps it in [template.HTML]. -func escapeHTML(s string) template.HTML { - return template.HTML(html.EscapeString(s)) //#nosec G203 } -- 2.48.1