atom feeds: fix escaping of xml

Resolves: https://github.com/gentoo/soko/issues/24 Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
author: Arthur Zamarin <arthurzam@gentoo.org> 2024-04-16 22:45:14 +0300
committer: Arthur Zamarin <arthurzam@gentoo.org> 2024-04-16 22:45:14 +0300
commit: b30c1db47c05c6f5454efc03ac07381b93324c59 (patch)
tree: dedf5ce2e41bf42fc0bb08f034e8304d3b5c6e0f /pkg/app/handler
parent: arches: use TabbedLayout (diff)
download: soko-b30c1db47c05c6f5454efc03ac07381b93324c59.tar.gz
soko-b30c1db47c05c6f5454efc03ac07381b93324c59.tar.bz2
soko-b30c1db47c05c6f5454efc03ac07381b93324c59.zip
3 files changed, 6 insertions, 3 deletions
diff --git a/pkg/app/handler/feeds/changes.go b/pkg/app/handler/feeds/changes.go
index 39fd408..a4adcfa 100644
--- a/pkg/app/handler/feeds/changes.go
+++ b/pkg/app/handler/feeds/changes.go
@@ -2,6 +2,7 @@ package feeds
 
 import (
 	"fmt"
+	"html"
 	"net/http"
 	"soko/pkg/models"
 	"time"
@@ -29,7 +30,7 @@ func addFeedItems(f *feeds.Feed, versions []*models.Version) {
 		item := &feeds.Item{
 			Title:       cpv,
 			Link:        &feeds.Link{Href: "https://packages.gentoo.org/package/" + version.Atom},
-			Description: version.Description,
+			Description: html.EscapeString(version.Description),
 			Author:      &feeds.Author{Name: "unknown"},
 			Created:     time.Now(),
 		}
diff --git a/pkg/app/handler/feeds/packages.go b/pkg/app/handler/feeds/packages.go
index d953af3..2186401 100644
--- a/pkg/app/handler/feeds/packages.go
+++ b/pkg/app/handler/feeds/packages.go
@@ -2,6 +2,7 @@ package feeds
 
 import (
 	"fmt"
+	"html"
 	"net/http"
 	"soko/pkg/models"
 	"time"
@@ -28,7 +29,7 @@ func addPackageFeedItems(f *feeds.Feed, gpackages []models.Package) {
 		item := &feeds.Item{
 			Title:       gpackage.Atom,
 			Link:        &feeds.Link{Href: "https://packages.gentoo.org/package/" + gpackage.Atom},
-			Description: gpackage.Longdescription,
+			Description: html.EscapeString(gpackage.Longdescription),
 			Author:      &feeds.Author{Name: "unknown"},
 			Created:     time.Now(),
 		}
diff --git a/pkg/app/handler/maintainer/show.go b/pkg/app/handler/maintainer/show.go
index 2beb31c..c6262b1 100644
--- a/pkg/app/handler/maintainer/show.go
+++ b/pkg/app/handler/maintainer/show.go
@@ -2,6 +2,7 @@ package maintainer
 
 import (
 	"encoding/json"
+	"html"
 	"net/http"
 	"soko/pkg/app/handler/packages/components"
 	"soko/pkg/app/layout"
@@ -103,7 +104,7 @@ func ShowChangelogFeed(w http.ResponseWriter, r *http.Request) {
 
 	for _, commit := range commits {
 		feed.Add(&feeds.Item{
-			Title:   commit.Message,
+			Title:   html.EscapeString(commit.Message),
 			Updated: commit.CommitterDate,
 			Created: commit.AuthorDate,
 			Author:  &feeds.Author{Name: commit.CommitterName, Email: commit.CommitterEmail},
author	Arthur Zamarin <arthurzam@gentoo.org>	2024-04-16 22:45:14 +0300
committer	Arthur Zamarin <arthurzam@gentoo.org>	2024-04-16 22:45:14 +0300
commit	b30c1db47c05c6f5454efc03ac07381b93324c59 (patch)
tree	dedf5ce2e41bf42fc0bb08f034e8304d3b5c6e0f /pkg/app/handler
parent	arches: use TabbedLayout (diff)
download	soko-b30c1db47c05c6f5454efc03ac07381b93324c59.tar.gz soko-b30c1db47c05c6f5454efc03ac07381b93324c59.tar.bz2 soko-b30c1db47c05c6f5454efc03ac07381b93324c59.zip