Commit graph

21 commits

Author SHA1 Message Date
Earl Warren 801792e4dc
Rename Str2html to SanitizeHTML and clarify its behavior (followup) 2024-03-06 12:10:45 +08:00
wxiaoguang 31ab331b23
Remove incorrect HTML self close tag (#23748)
HTML is not XML.
2023-03-27 18:05:51 +02:00
silverwind 647b2649b1
Make sure fmt catches all templates (#20979)
* Make sure fmt catches all templates

Make's `wildcard` is not recursive so it missed many template files, fix
that by using `find`.

* Update Makefile
2022-08-31 23:58:54 +08:00
Gusted d55a0b7238
Refactor i18n to locale (#20153)
* Refactor `i18n` to `locale`

- Currently we're using the `i18n` variable naming for the `locale`
struct. This contains locale's specific information and cannot be used
for general i18n purpose, therefore refactoring it to `locale` makes
more sense.
- Ref: https://github.com/go-gitea/gitea/pull/20096#discussion_r906699200

* Update routers/install/install.go
2022-06-27 15:58:46 -05:00
zeripath 5248232c44
Try to prevent autolinking of displaynames by email readers (#19169)
Unfortunately many email readers will (helpfully) detect url or url-like names and
automatically create links to them, even in HTML emails. This is not ideal when
usernames can have dots in them.

This PR tries to prevent this behaviour by sticking ZWJ characters between dots and
also set the meta tag to prevent format detection.

Not every email template has been changed in this way - just the activation emails but
it may be that we should be setting the above meta tag in all of our emails too.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 12:34:20 +00:00
zeripath bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Jimmy Praet aac7f68af1
Fix reset password email template (#17025)
Removed unused variable passed to mail.link_not_working_do_paste

Co-authored-by: 6543 <6543@obermui.de>
2021-09-12 21:02:07 +08:00
6543 be81dc8b20
Localize Email Templates (#16200)
close #14822
2021-06-23 14:33:21 +02:00
AJ ONeal 6dbd261852 UX + Security current user password reset (#5042)
* allow current user to reset their own password

* handle reset password edge cases properly and consistently

* remove dangling assignment

* properly label account recovery instead of reset password

* remove 'Click here' from button

* update English-only account-recovery templates
2019-04-18 10:23:59 +03:00
mrsdizzie 04003d9dc7 Make distinction between DisplayName and Username in email templates (#6495)
* Make distinction between DisplayName and Username in email templates

Store the actual username in the variable named Username and store the
separate DisplayName in another variable. This allows us to access the
actual username when we need, which currently fails if a user has set a
full name.

Fixes #6161

* Use u.Name directly

No need for extra function, also change use in all mail sending
functions here

* Don't include Username when not used
2019-04-04 10:52:48 +03:00
cezar97 51ba3df5ff Add noreferrer to rel='noopener` for <a> tags (#4328) 2018-07-03 19:52:36 -04:00
Arif 6e98812ecf Fix copy in email templates (#2801) 2017-10-29 23:57:05 +02:00
Jonas Östanbäck b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Jonas 16732fbfde Removed email copyright year (#1348) 2017-03-21 18:00:39 +08:00
Bwko 5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Unknwon f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Adam Strzelecki da2585c11e Indent all templates with tabs
This commit improves templates readability, since all of them use consistent
indent with all template command blocks indented too.

1. Indents both HTML containers such as <div>, <p> and Go HTML template blocks
   such as {{if}} {{with}}

2. Cleans all trailing white-space

3. Adds trailing last line-break to each file
2015-12-08 00:57:46 +01:00
Unknwon 9d36fc6986 finish new auth e-mails 2015-09-17 14:57:24 -04:00
Mathieu Gagnon 3549fb0ea8 Remove APP_LOGO setting 2014-09-13 03:52:51 -04:00
twitchyliquid64 d304a23787 Corrected grammar and spelling mistakes in templates. Normalizing to American English. 2014-04-20 16:54:26 +10:00
Unknown b7c3b0cc73 Add reset password, fix #58 2014-04-05 12:32:34 -04:00