2023-12-22 16:47:34 +03:00
|
|
|
// Copyright 2017, 2023 The Gitea & forgejo Authors. All rights reserved.
|
2022-11-27 21:20:29 +03:00
|
|
|
// SPDX-License-Identifier: MIT
|
2017-12-07 10:00:09 +03:00
|
|
|
|
|
|
|
package utils
|
|
|
|
|
|
|
|
import (
|
2023-12-20 14:30:22 +03:00
|
|
|
"fmt"
|
2020-02-22 16:08:48 +03:00
|
|
|
"html"
|
2023-12-20 14:30:22 +03:00
|
|
|
"io"
|
2020-08-11 23:05:34 +03:00
|
|
|
"net/url"
|
2017-12-07 10:00:09 +03:00
|
|
|
"strings"
|
2020-08-11 23:05:34 +03:00
|
|
|
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2017-12-07 10:00:09 +03:00
|
|
|
)
|
|
|
|
|
2020-02-22 16:08:48 +03:00
|
|
|
// SanitizeFlashErrorString will sanitize a flash error string
|
|
|
|
func SanitizeFlashErrorString(x string) string {
|
2020-10-11 23:27:20 +03:00
|
|
|
return strings.ReplaceAll(html.EscapeString(x), "\n", "<br>")
|
2020-02-22 16:08:48 +03:00
|
|
|
}
|
2020-08-11 23:05:34 +03:00
|
|
|
|
|
|
|
// IsExternalURL checks if rawURL points to an external URL like http://example.com
|
|
|
|
func IsExternalURL(rawURL string) bool {
|
|
|
|
parsed, err := url.Parse(rawURL)
|
|
|
|
if err != nil {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
appURL, _ := url.Parse(setting.AppURL)
|
|
|
|
if len(parsed.Host) != 0 && strings.Replace(parsed.Host, "www.", "", 1) != strings.Replace(appURL.Host, "www.", "", 1) {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
2023-12-20 14:30:22 +03:00
|
|
|
|
|
|
|
// Limit number of characters in a string (useful to prevent log injection attacks and overly long log outputs)
|
|
|
|
// Thanks to https://www.socketloop.com/tutorials/golang-characters-limiter-example
|
|
|
|
func CharLimiter(s string, limit int) string {
|
|
|
|
reader := strings.NewReader(s)
|
|
|
|
buff := make([]byte, limit)
|
|
|
|
n, _ := io.ReadAtLeast(reader, buff, limit)
|
|
|
|
if n != 0 {
|
|
|
|
return fmt.Sprint(string(buff), "...")
|
|
|
|
}
|
2023-12-22 16:47:34 +03:00
|
|
|
return s
|
2023-12-20 14:30:22 +03:00
|
|
|
}
|