
escaping urls

bmallred 9 years ago
parent
commit
44bc9bbeca
2 changed files with 36 additions and 9 deletions
  1. 23 1
      handlers/content.go
  2. 13 8
      html/workspace.html

+ 23 - 1
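--- a/handlers/content.go
+++ b/handlers/content.go
@@ -5,6 +5,7 @@
 	"html/template"
 	"log"
 	"net/http"
+	"net/url"
 	"time"
 
 	"code.revolvingcow.com/revolvingcow/loop/account"
@@ -69,12 +70,16 @@
 	vars := mux.Vars(r)
 	title := vars["title"]
 	if title != "" {
+		title, err = url.QueryUnescape(title)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
 		account.Add(title, "document.md", []byte{})
 	} else {
 		http.Redirect(w, r, account.Username, http.StatusSeeOther)
 	}
 
-	http.Redirect(w, r, "/"+account.Username+"/edit/"+title, http.StatusSeeOther)
+	http.Redirect(w, r, "/"+account.Username+"/edit/"+url.QueryEscape(title), http.StatusSeeOther)
 }
 
 // ContentReadHandler reads a document in the user context.
@@ -94,6 +99,10 @@
 		http.Error(w, "No title given", http.StatusInternalServerError)
 		return
 	}
+	title, err = url.QueryUnescape(title)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
 
 	contents, err := account.Read(title)
 	if err != nil {
@@ -128,6 +137,11 @@
 
 	vars := mux.Vars(r)
 	title := vars["title"]
+	title, err = url.QueryUnescape(title)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+
 	contents := r.FormValue("contents")
 	if contents == "" {
 		contents, _ = account.Read(title)
@@ -162,6 +176,10 @@
 		http.Error(w, "No title given", http.StatusInternalServerError)
 		return
 	}
+	title, err = url.QueryUnescape(title)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
 
 	contents := r.FormValue("contents")
 	if contents == "" {
@@ -194,6 +212,10 @@
 		http.Error(w, "No title given", http.StatusInternalServerError)
 		return
 	}
+	title, err = url.QueryUnescape(title)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
 
 	account.Remove(title)
 	http.Redirect(w, r, "/"+account.Username, http.StatusSeeOther)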
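Review bot: None of the five new `url.QueryUnescape` error branches (new lines 73-76, 102-105, 140-143, 179-182 and 215-218) returns after `http.Error`, so on a malformed escape the handler carries on with the empty string that `QueryUnescape` returns and still reaches `account.Add`, `account.Read` or `account.Remove(title)`, followed by a second write to the response. Each branch should end with `return`, and because the bad input comes from the client, `http.StatusBadRequest` fits better than a 500. The decoded title is taken from the request path and handed to the account functions unchecked; their bodies are not visible here, but if they map a title to a file or directory, the title should be rejected after decoding when it is empty or contains a path separator or `..`. The enclosing handlers start and end outside the hunks, including the declaration of `err` that the plain `=` assignments rely on.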

+ 13 - 8
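--- a/html/workspace.html
+++ b/html/workspace.html
@@ -72,6 +72,7 @@
 {{ end }}
 {{ define "content" }}
     <div class="row">
+
         <div id="left-pane" class="col s4 m4 l2">
             <div class="row">
                 <div class="col s12">
@@ -91,7 +92,7 @@
                         {{ range $d := .Directories }}
                             <li class="collection-item avatar dismissable">
                                 <i class="mdi-file-folder circle"></i>
-                                <span class="title"><a href="/{{ $.Username }}/edit/{{ $d }}">{{ $d }}</a></span>
+                                <span class="title"><a href="/{{ $.Username }}/edit/{{ $d | urlquery }}">{{ $d }}</a></span>
                                 <p><!--(3 files)--></p>
                                 <a href="#" class="secondary-content"><i class="mdi-action-grade"></i></a>
                             </li>
@@ -100,6 +101,7 @@
                 </div>
             </div>
         </div>
+
         <div id="workarea" class="col s8 m8 l10">
             <div class="fixed-action-btn" style="bottom: 45px; right: 24px;">
                 <a id="create" class="btn-floating btn-large red" title="Edit">
@@ -128,7 +130,7 @@
                     </div>
                     <div class="col s12 m12 l12"><h4>{{ .Title }}</h4></div>
                     <pre id="editor" class="col s12 m12 l12">{{ .Content }}</pre>
-                    <iframe id="view" class="col s12 m12 l12" style="display: none;" frameBorder="0" seamless="seamless" src="/{{ .Username }}/edit/{{ .Title }}/preview"></iframe>
+                    <iframe id="view" class="col s12 m12 l12" style="display: none;" frameBorder="0" seamless="seamless" src="/{{ .Username }}/edit/{{ .Title | urlquery }}/preview"></iframe>
                 </div>
             {{ else }}
                 <div class="row">
@@ -139,6 +141,7 @@
             {{ end }}
         </div>
     </div>
+
     <div class="row">
         <div class="col s12">
             <div id="upload-area" class="modal bottom-sheet">
@@ -161,6 +164,7 @@
             </div>
         </div>
     </div>
+
     <div id="modal-new-directory" class="modal">
         <div class="modal-content">
             <h4>New Content</h4>
@@ -341,14 +345,15 @@
                 });
             });
 
+            $('form#new-directory').submit(function (event) {
+                var title = $('input#title').val();
+                var action = $(this).attr('action');
+                $(this).attr('action', action + encodeURIComponent(title));
+                return true;
+            });
             $('a#new').click(function (event) {
                 event.preventDefault();
-                var title = $('input#title').val();
-
-                var form = $('form#new-directory');
-                form.attr('action', form.attr('action') + title);
-                form.submit();
-
+                $('form#new-directory').submit();
                 return false;
             });
 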
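Review bot: The new `submit` handler on `form#new-directory` (new lines 348-353) appends the encoded title to whatever `action` currently holds, so if it runs a second time on the same page the path ends up carrying two titles, and an empty title is posted to the bare prefix. Read the base action once outside the handler and assign `$(this).attr('action', base + encodeURIComponent(title));`, returning `false` when `title` is empty. The links and the iframe use `urlquery`, which writes a space as `+`, while the script writes `%20`, so the two encodings only agree because of the `url.QueryUnescape` calls added in handlers/content.go. A single path-segment encoding on both sides would be easier to reason about. The surrounding script block starts and ends outside this section.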