From 39aba302878fcffba7496d0892268c8f1467fcd2 Mon Sep 17 00:00:00 2001
From: Runxi Yu
Date: Thu, 06 Mar 2025 21:10:22 +0800
Subject: [PATCH] repo/tree, readme: nosec G203
---
 http_handle_repo_tree.go | 2 +-
 reamde_to_html.go | 8 ++++----
diff --git a/http_handle_repo_tree.go b/http_handle_repo_tree.go
index 190f0821ba24b0ce7623dd78f04fad896f5a9284..ae9efbc2709b8e61a2fd4606d78ea1a27e9c94de 100644
--- a/http_handle_repo_tree.go
+++ b/http_handle_repo_tree.go
@@ -84,7 +84,7 @@ if err = formatter.Format(&formatted_unencapsulated, style, iterator); err != nil {
 http.Error(w, "Error formatting code: "+err.Error(), http.StatusInternalServerError)
 return
 }
- formatted_encapsulated = template.HTML(formatted_unencapsulated.Bytes())
+ formatted_encapsulated = template.HTML(formatted_unencapsulated.Bytes()) //#nosec G203
 params["file_contents"] = formatted_encapsulated
 render_template(w, "repo_tree_file", params)
diff --git a/reamde_to_html.go b/reamde_to_html.go
index 4564344e547f629c2080b52aaba56119c81053c3..29c61ca03cde5f06356cef02234d52592f3e7802 100644
--- a/reamde_to_html.go
+++ b/reamde_to_html.go
@@ -29,7 +29,7 @@ if readme_file_contents, err = readme_file.Contents(); err != nil {
 return "Error fetching README", string_escape_html("Unable to fetch contents of README: " + err.Error())
 }
- return "README", template.HTML("
" + html.EscapeString(readme_file_contents) + "
")
+ return "README", template.HTML("
" + html.EscapeString(readme_file_contents) + "
") //#nosec G203
 }
 if readme_file, err = tree.File("README.md"); err == nil {
@@ -41,7 +41,7 @@ if err = markdown_converter.Convert([]byte(readme_file_contents), &readme_rendered_unsafe); err != nil {
 return "Error fetching README", string_escape_html("Unable to render README: " + err.Error())
 }
- return "README.md", template.HTML(bluemonday.UGCPolicy().SanitizeBytes(readme_rendered_unsafe.Bytes()))
+ return "README.md", template.HTML(bluemonday.UGCPolicy().SanitizeBytes(readme_rendered_unsafe.Bytes())) //#nosec G203
 }
 if readme_file, err = tree.File("README.org"); err == nil {
@@ -54,12 +54,12 @@ if err != nil {
 return "Error fetching README", string_escape_html("Unable to render README: " + err.Error())
 }
- return "README.org", template.HTML(bluemonday.UGCPolicy().Sanitize(org_html))
+ return "README.org", template.HTML(bluemonday.UGCPolicy().Sanitize(org_html)) //#nosec G203
 }
 return "", ""
 }
 func string_escape_html(s string) template.HTML {
- return template.HTML(html.EscapeString(s))
+ return template.HTML(html.EscapeString(s)) //#nosec G203
 }
-- 2.48.1
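Review bot: The suppression on `formatted_encapsulated = template.HTML(formatted_unencapsulated.Bytes())` in http_handle_repo_tree.go records no reason, and nothing visible in that hunk escapes or sanitises the bytes, so the conversion is only safe if `formatter.Format` HTML-encodes every piece of the file contents it emits. The formatter is constructed outside the hunk, so that property should be confirmed before G203 is silenced. gosec accepts a justification after the rule ID, for example `// #nosec G203 -- formatter output; file contents are HTML-escaped by the formatter`. The same bare `//#nosec G203` is added to the four conversions in reamde_to_html.go, where the reason (html.EscapeString or bluemonday sanitisation) is visible on the line and could be stated the same way.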
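Review bot: The README.md and README.org returns in reamde_to_html.go each build a fresh `bluemonday.UGCPolicy()` inline and each carry their own suppression, so the sanitise-then-trust step is duplicated and every copy has to be re-audited when a renderer changes. One helper that owns both the policy and the `template.HTML` conversion would leave a single `#nosec` to review, e.g. `var ugc_policy = bluemonday.UGCPolicy()` at package level and `func sanitize_html(b []byte) template.HTML { return template.HTML(ugc_policy.SanitizeBytes(b)) }`, with the org path passing `[]byte(org_html)`. The enclosing function starts outside these hunks, so this assumes no other renderer there needs a different policy.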