// urlFilter returns its input unless it contains an unsafe scheme in which
// case it defangs the entire URL.
//
// Schemes that cause unintended side effects that are irreversible without user
// interaction are considered unsafe. For example, clicking on a "javascript:"
// link can immediately trigger JavaScript code execution.
//
// This filter conservatively assumes that all schemes other than the following
// are unsafe:
//   - http:   Navigates to a new website, and may open a new window or tab.
//     These side effects can be reversed by navigating back to the
//     previous website, or closing the window or tab. No irreversible
//     changes will take place without further user interaction with
//     the new website.
//   - https:  Same as http.
//   - mailto: Opens an email program and starts a new draft. This side effect
//     is not irreversible until the user explicitly clicks send; it
//     can be undone by closing the email program.
//
// To allow URLs containing other schemes to bypass this filter, developers must
// explicitly indicate that such a URL is expected and safe by encapsulating it
// in a template.URL value.
func urlFilter(args ...any) string { … }

// isSafeURL is true if s is a relative URL or if the URL has a protocol in
// (http, https, mailto).
func isSafeURL(s string) bool { … }

// urlEscaper produces an output that can be embedded in a URL query.
// The output can be embedded in an HTML attribute without further escaping.
func urlEscaper(args ...any) string { … }

// urlNormalizer normalizes URL content so it can be embedded in a quote-delimited
// string or parenthesis-delimited url(...).
// The normalizer does not encode all HTML specials. Specifically, it does not
// encode '&', so correct embedding in an HTML attribute requires escaping of
// '&' to '&amp;'.
func urlNormalizer(args ...any) string { … }

// urlProcessor normalizes (when norm is true) or escapes its input to produce
// a valid hierarchical or opaque URL part.
func urlProcessor(norm bool, args ...any) string { … }

// processURLOnto appends a normalized URL corresponding to its input to b
// and reports whether the appended content differs from s.
func processURLOnto(s string, norm bool, b *strings.Builder) bool { … }

// srcsetFilterAndEscaper filters and normalizes srcset values, which are
// comma-separated URLs followed by metadata.
func srcsetFilterAndEscaper(args ...any) string { … }

const htmlSpaceAndASCIIAlnumBytes …

// isHTMLSpace is true iff c is a whitespace character per
// https://infra.spec.whatwg.org/#ascii-whitespace
func isHTMLSpace(c byte) bool { … }

func isHTMLSpaceOrASCIIAlnum(c byte) bool { … }

func filterSrcsetElement(s string, left int, right int, b *strings.Builder) { … }
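The following program is an added example and not part of the html/template source above. It shows the scheme rule the comments describe from the outside: a small reimplementation of the "relative, or http/https/mailto" check (my own function, not the package's isSafeURL), and the end-to-end effect of the urlFilter/urlNormalizer/attribute-escaper pipeline when values are rendered into an href attribute with the standard-library html/template package, including the template.URL opt-out. The template text and sample URLs are constructed for the example.

```go
package main

import (
	"fmt"
	"html/template"
	"strings"
)

// safeSchemeOrRelative reimplements the rule described in the comments above:
// a URL is safe if it is relative (no scheme) or its scheme is http, https or
// mailto, compared case-insensitively. Assumption made here: the text before
// the first ':' is the scheme only if it contains no '/', so "foo/bar:baz" is
// treated as a relative path rather than a "foo/bar" scheme.
func safeSchemeOrRelative(s string) bool {
	scheme, _, hasColon := strings.Cut(s, ":")
	if !hasColon || strings.Contains(scheme, "/") {
		return true // relative URL or path: there is no scheme to filter
	}
	switch strings.ToLower(scheme) {
	case "http", "https", "mailto":
		return true
	}
	return false
}

// hrefTmpl is a constructed template that places a value in an href attribute.
// html/template derives the URL escaping pipeline from this context itself.
var hrefTmpl = template.Must(template.New("a").Parse(`<a href="{{.}}">link</a>`))

// renderHref renders v into the href attribute and returns the resulting HTML.
// Untrusted strings with an unsafe scheme come back as "#ZgotmplZ".
func renderHref(v any) (string, error) {
	var sb strings.Builder
	if err := hrefTmpl.Execute(&sb, v); err != nil {
		return "", err
	}
	return sb.String(), nil
}

// renderTrustedHref wraps s in template.URL, the explicit developer assertion
// that the scheme is expected and safe; the filter is bypassed, but
// normalization and attribute escaping still run.
func renderTrustedHref(s string) (string, error) {
	return renderHref(template.URL(s))
}

func main() {
	// Constructed sample inputs: one per scheme class the filter distinguishes.
	inputs := []string{
		"http://example.com/?a=1&b=2", // safe; '&' becomes &amp; in the attribute
		"MAILTO:alice@example.com",    // safe; scheme match is case-insensitive
		"/docs/index.html?x=1",        // relative; passes through unchanged
		"ftp://example.com/pub",       // not in the allow list; defanged
		"javascript:alert(1)",         // the irreversible side effect; defanged
	}
	for _, in := range inputs {
		out, err := renderHref(in)
		if err != nil {
			panic(err)
		}
		fmt.Printf("safe=%-5v %-30q -> %s\n", safeSchemeOrRelative(in), in, out)
	}
	out, err := renderTrustedHref("ftp://example.com/pub")
	if err != nil {
		panic(err)
	}
	fmt.Printf("template.URL opt-out                -> %s\n", out)
}
```

Note that the defanged value is the whole URL, not just the scheme, and that template.URL is the only way through the filter, so a grep for template.URL in a code base is a quick inventory of every place a developer has vouched for a scheme by hand.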