1
0

Added message text new line filtering for reply.

This commit is contained in:
Alexander Andreev 2023-05-09 23:53:48 +04:00
parent 64a51018f6
commit 240a8c389e
Signed by: Arav
GPG Key ID: D22A817D95815393

View File

@ -108,8 +108,14 @@ func (h *GuestbookApiHandlers) Reply(w http.ResponseWriter, r *http.Request) {
if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") {
r.ParseForm() r.ParseForm()
id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64)
reply, err = guestbook.NewReply(id, r.FormValue("message"))
message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n")
message = strings.ReplaceAll(message, "\n\r", "\n")
message = strings.ReplaceAll(message, "\r", "\n")
reply, err = guestbook.NewReply(id, message)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
@ -128,8 +134,14 @@ func (h *GuestbookApiHandlers) EditReply(w http.ResponseWriter, r *http.Request)
if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") { if strings.Contains(r.Header.Get("Content-Type"), "application/x-www-form-urlencoded") {
r.ParseForm() r.ParseForm()
id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64) id, _ := strconv.ParseInt(GetURLParam(r, "id"), 10, 64)
reply, err = guestbook.NewReply(id, r.FormValue("message"))
message := strings.ReplaceAll(r.FormValue("message"), "\r\n", "\n")
message = strings.ReplaceAll(message, "\n\r", "\n")
message = strings.ReplaceAll(message, "\r", "\n")
reply, err = guestbook.NewReply(id, message)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return