diff options
-rw-r--r-- | plugins/base/routes.go | 7 | ||||
-rw-r--r-- | plugins/base/sanitize_html.go | 4 |
2 files changed, 5 insertions, 6 deletions
diff --git a/plugins/base/routes.go b/plugins/base/routes.go index 798615f..9232097 100644 --- a/plugins/base/routes.go +++ b/plugins/base/routes.go @@ -234,13 +234,12 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { } } - var body string + var body []byte if strings.HasPrefix(strings.ToLower(mimeType), "text/") { - b, err := ioutil.ReadAll(part.Body) + body, err = ioutil.ReadAll(part.Body) if err != nil { return fmt.Errorf("failed to read part body: %v", err) } - body = string(b) } isHTML := false @@ -263,7 +262,7 @@ func handleGetPart(ctx *koushin.Context, raw bool) error { Mailboxes: mailboxes, Mailbox: mbox, Message: msg, - Body: body, + Body: string(body), IsHTML: isHTML, PartPath: partPathString, MailboxPage: int(mbox.Messages-msg.SeqNum) / messagesPerPage, diff --git a/plugins/base/sanitize_html.go b/plugins/base/sanitize_html.go index f48ef4a..830f7a7 100644 --- a/plugins/base/sanitize_html.go +++ b/plugins/base/sanitize_html.go @@ -4,7 +4,7 @@ import ( "github.com/microcosm-cc/bluemonday" ) -func sanitizeHTML(b string) string { +func sanitizeHTML(b []byte) []byte { p := bluemonday.UGCPolicy() // TODO: be more strict @@ -14,5 +14,5 @@ func sanitizeHTML(b string) string { p.AddTargetBlankToFullyQualifiedLinks(true) p.RequireNoFollowOnLinks(true) - return p.Sanitize(b) + return p.SanitizeBytes(b) } |