From 428bfcd892f5f93765674265aa59a4a9a9d41c98 Mon Sep 17 00:00:00 2001 From: Antonio Pagano Date: Fri, 4 Sep 2020 12:20:07 -0500 Subject: [PATCH 1/2] moving to latest 2 go versions --- .github/workflows/tests.yml | 2 +- render/js_test.go | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index d0f3036d1..457405146 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -8,7 +8,7 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - go-version: [1.13.x, 1.14.x] + go-version: [1.14.x, 1.15.x] os: [macos-latest, windows-latest, ubuntu-latest] env: GO111MODULE: on diff --git a/render/js_test.go b/render/js_test.go index 7536857f3..335e0d84b 100644 --- a/render/js_test.go +++ b/render/js_test.go @@ -124,6 +124,9 @@ func Test_JavaScript_HTML_Partial(t *testing.T) { bb := &bytes.Buffer{} r.NoError(h.Render(bb, Data{})) - pre := `let a = "\x3Cdiv` - r.True(strings.HasPrefix(bb.String(), pre)) + r.Contains(bb.String(), `id`) + r.Contains(bb.String(), `foo`) + + // To check it has escaped the partial + r.NotContains(bb.String(), `
`) } From 691acd3b7b4ea635e6508eff6e9cd42418a027e4 Mon Sep 17 00:00:00 2001 From: Antonio Pagano Date: Fri, 4 Sep 2020 12:28:37 -0500 Subject: [PATCH 2/2] cleaning up the decoder on the binding package --- binding/binding.go | 25 ++++++++++++++++++++----- binding/html_content_type_binder.go | 14 -------------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/binding/binding.go b/binding/binding.go index e77eb6974..e78de96be 100644 --- a/binding/binding.go +++ b/binding/binding.go @@ -2,8 +2,10 @@ package binding import ( "net/http" + "time" "github.com/gobuffalo/buffalo/binding/decoders" + "github.com/gobuffalo/nulls" "github.com/monoculum/formam" ) @@ -14,16 +16,16 @@ var ( // information on how this impacts file uploads. MaxFileMemory int64 = 5 * 1024 * 1024 - formDecoder = formam.NewDecoder(&formam.DecoderOptions{ - TagName: "form", - IgnoreUnknownKeys: true, - }) + // formDecoder (formam) that will be used across ContentTypeBinders + formDecoder = buildFormDecoder() // BaseRequestBinder is an instance of the requestBinder, it comes with preconfigured // content type binders for HTML, JSON, XML and Files, as well as custom types decoders // for time.Time and nulls.Time BaseRequestBinder = NewRequestBinder( - NewHTMLContentTypeBinder(formDecoder), + HTMLContentTypeBinder{ + decoder: formDecoder, + }, JSONContentTypeBinder{}, XMLRequestTypeBinder{}, FileRequestTypeBinder{ @@ -32,6 +34,19 @@ var ( ) ) +// buildFormDecoder that will be used in the package. This method adds some custom decoders for time.Time and nulls.Time. +func buildFormDecoder() *formam.Decoder { + decoder := formam.NewDecoder(&formam.DecoderOptions{ + TagName: "form", + IgnoreUnknownKeys: true, + }) + + decoder.RegisterCustomType(decoders.TimeDecoderFn(), []interface{}{time.Time{}}, nil) + decoder.RegisterCustomType(decoders.NullTimeDecoderFn(), []interface{}{nulls.Time{}}, nil) + + return decoder +} + // RegisterTimeFormats allows to add custom time layouts that // the binder will be able to use for decoding. func RegisterTimeFormats(layouts ...string) { diff --git a/binding/html_content_type_binder.go b/binding/html_content_type_binder.go index 0450bc48d..dd69eb56d 100644 --- a/binding/html_content_type_binder.go +++ b/binding/html_content_type_binder.go @@ -2,10 +2,7 @@ package binding import ( "net/http" - "time" - "github.com/gobuffalo/buffalo/binding/decoders" - "github.com/gobuffalo/nulls" "github.com/monoculum/formam" ) @@ -14,17 +11,6 @@ type HTMLContentTypeBinder struct { decoder *formam.Decoder } -// NewHTMLContentTypeBinder returns an instance of HTMLContentTypeBinder with -// custom type decoders registered for Time and nulls.Time -func NewHTMLContentTypeBinder(decoder *formam.Decoder) HTMLContentTypeBinder { - decoder.RegisterCustomType(decoders.TimeDecoderFn(), []interface{}{time.Time{}}, nil) - decoder.RegisterCustomType(decoders.NullTimeDecoderFn(), []interface{}{nulls.Time{}}, nil) - - return HTMLContentTypeBinder{ - decoder: decoder, - } -} - // ContentTypes that will be used to identify HTML requests func (ht HTMLContentTypeBinder) ContentTypes() []string { return []string{