Use HTMLBody encoding mode for rendering HTML templates

2023-05-28 17:47:28 +03:00 · 2023-05-28 17:47:28 +03:00 · ea985e84a1
commit ea985e84a1
parent 0f25b80288
6 changed files with 14 additions and 6 deletions
--- a/.tool-versions
+++ b/.tool-versions
@ -1,2 +1,3 @@
 erlang 25.2.2
 gleam 0.29.0
+nodejs 18.16.0
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@ -1,3 +1,8 @@
+3.0.0
+-----
+
+* Changed the default HTML encoding to only encode the necessary characters.
+
 2.0.0
 -----

--- a/gleam.toml
+++ b/gleam.toml
@ -1,5 +1,5 @@
 name = "glemplate"
-version = "2.1.0"
+version = "3.0.0"
 description = "A simple template engine for Gleam"

 # Fill out these fields if you intend to generate HTML documentation or publish
@ -12,7 +12,7 @@ links = []
 [dependencies]
 gleam_stdlib = "~> 0.28.0"
 nibble = "~> 0.2"
-glentities = "~> 3.0"
+glentities = "~> 3.1"

 [dev-dependencies]
 gleeunit = "~> 0.10"
--- a/manifest.toml
+++ b/manifest.toml
@ -4,12 +4,12 @@
 packages = [
  { name = "gleam_stdlib", version = "0.28.2", build_tools = ["gleam"], requirements = [], otp_app = "gleam_stdlib", source = "hex", outer_checksum = "088E334A00C9530D4B194F31406E51B6E4E4697C6A380D11591E60CC2F239724" },
  { name = "gleeunit", version = "0.10.1", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "gleeunit", source = "hex", outer_checksum = "ECEA2DE4BE6528D36AFE74F42A21CDF99966EC36D7F25DEB34D47DD0F7977BAF" },
-  { name = "glentities", version = "3.0.0", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "glentities", source = "hex", outer_checksum = "12A42826DD325648857D5875440EA8A77129863938211D41113A03D16FC884DE" },
+  { name = "glentities", version = "3.1.0", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "glentities", source = "hex", outer_checksum = "2A65CB2D6BFAA8994BC6612620ED6639868E48DA74F48AF256766A8B0E1DDF23" },
  { name = "nibble", version = "0.2.3", build_tools = ["gleam"], requirements = ["gleam_stdlib"], otp_app = "nibble", source = "hex", outer_checksum = "C9EB428EAC11007414C2FBA5B39F0E8DB27FDAB26534F2AD607D5AA6FCF32559" },
 ]

 [requirements]
 gleam_stdlib = "~> 0.28.0"
 gleeunit = "~> 0.10"
-glentities = "~> 3.0"
+glentities = "~> 3.1"
 nibble = "~> 0.2"
--- a/src/glemplate/html.gleam
+++ b/src/glemplate/html.gleam
@ -7,8 +7,10 @@ import glemplate/ast
 import glemplate/assigns

 /// Encode content as HTML entities so it's safe in an HTML template.
+///
+/// Note! This is not safe for use in `<script>` or `<style>` tags!
 pub fn encode(text: String) -> StringBuilder {
-  glentities.encode(text, glentities.Named)
+  glentities.encode(text, glentities.HTMLBody)
  |> string_builder.from_string()
 }

--- a/test/html_test.gleam
+++ b/test/html_test.gleam
@ -19,6 +19,6 @@ pub fn encoding_test() {

  should.equal(
    string_builder.to_string(result),
-    "<b>Welcome, &vert;&vert;&lt;xXx&lowbar;KillaBoy&lowbar;69&gt;&vert;&vert;!</b> ||<xXx_KillaBoy_69>||",
+    "<b>Welcome, ||&lt;xXx_KillaBoy_69&gt;||!</b> ||<xXx_KillaBoy_69>||",
  )
 }