mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2024-11-30 16:05:32 +00:00
Fix error page generation (#145)
Co-authored-by: crapStone <crapstone01@gmail.com> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/145 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: crapStone <crapstone@noreply.codeberg.org> Co-committed-by: crapStone <crapstone@noreply.codeberg.org>
This commit is contained in:
parent
dcf03fc078
commit
9d769aeee7
4
Justfile
4
Justfile
@ -38,10 +38,10 @@ tool-gofumpt:
|
||||
fi
|
||||
|
||||
test:
|
||||
go test -race codeberg.org/codeberg/pages/server/...
|
||||
go test -race codeberg.org/codeberg/pages/server/... codeberg.org/codeberg/pages/html/
|
||||
|
||||
test-run TEST:
|
||||
go test -race -run "^{{TEST}}$" codeberg.org/codeberg/pages/server/...
|
||||
go test -race -run "^{{TEST}}$" codeberg.org/codeberg/pages/server/... codeberg.org/codeberg/pages/html/
|
||||
|
||||
integration:
|
||||
go test -race -tags integration codeberg.org/codeberg/pages/integration/...
|
||||
|
@ -15,16 +15,27 @@ func ReturnErrorPage(ctx *context.Context, msg string, statusCode int) {
|
||||
ctx.RespWriter.Header().Set("Content-Type", "text/html; charset=utf-8")
|
||||
ctx.RespWriter.WriteHeader(statusCode)
|
||||
|
||||
if msg == "" {
|
||||
msg = errorBody(statusCode)
|
||||
} else {
|
||||
// TODO: use template engine
|
||||
msg = strings.ReplaceAll(strings.ReplaceAll(ErrorPage, "%message%", msg), "%status%", http.StatusText(statusCode))
|
||||
}
|
||||
msg = generateResponse(msg, statusCode)
|
||||
|
||||
_, _ = ctx.RespWriter.Write([]byte(msg))
|
||||
}
|
||||
|
||||
// TODO: use template engine
|
||||
func generateResponse(msg string, statusCode int) string {
|
||||
if msg == "" {
|
||||
msg = strings.ReplaceAll(NotFoundPage,
|
||||
"%status%",
|
||||
strconv.Itoa(statusCode)+" "+errorMessage(statusCode))
|
||||
} else {
|
||||
msg = strings.ReplaceAll(
|
||||
strings.ReplaceAll(ErrorPage, "%message%", template.HTMLEscapeString(msg)),
|
||||
"%status%",
|
||||
http.StatusText(statusCode))
|
||||
}
|
||||
|
||||
return msg
|
||||
}
|
||||
|
||||
func errorMessage(statusCode int) string {
|
||||
message := http.StatusText(statusCode)
|
||||
|
||||
@ -37,11 +48,3 @@ func errorMessage(statusCode int) string {
|
||||
|
||||
return message
|
||||
}
|
||||
|
||||
// TODO: use template engine
|
||||
func errorBody(statusCode int) string {
|
||||
return template.HTMLEscapeString(
|
||||
strings.ReplaceAll(NotFoundPage,
|
||||
"%status%",
|
||||
strconv.Itoa(statusCode)+" "+errorMessage(statusCode)))
|
||||
}
|
||||
|
38
html/error_test.go
Normal file
38
html/error_test.go
Normal file
@ -0,0 +1,38 @@
|
||||
package html
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestValidMessage(t *testing.T) {
|
||||
testString := "requested blacklisted path"
|
||||
statusCode := http.StatusForbidden
|
||||
|
||||
expected := strings.ReplaceAll(
|
||||
strings.ReplaceAll(ErrorPage, "%message%", testString),
|
||||
"%status%",
|
||||
http.StatusText(statusCode))
|
||||
actual := generateResponse(testString, statusCode)
|
||||
|
||||
if expected != actual {
|
||||
t.Errorf("generated response did not match: expected: '%s', got: '%s'", expected, actual)
|
||||
}
|
||||
}
|
||||
|
||||
func TestMessageWithHtml(t *testing.T) {
|
||||
testString := `abc<img src=1 onerror=alert("xss");`
|
||||
escapedString := "abc<img src=1 onerror=alert("xss");"
|
||||
statusCode := http.StatusNotFound
|
||||
|
||||
expected := strings.ReplaceAll(
|
||||
strings.ReplaceAll(ErrorPage, "%message%", escapedString),
|
||||
"%status%",
|
||||
http.StatusText(statusCode))
|
||||
actual := generateResponse(testString, statusCode)
|
||||
|
||||
if expected != actual {
|
||||
t.Errorf("generated response did not match: expected: '%s', got: '%s'", expected, actual)
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user