Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add HTML safe types #54

Merged
merged 6 commits into from
Jul 9, 2024
Merged

Add HTML safe types #54

merged 6 commits into from
Jul 9, 2024

Conversation

Kijewski
Copy link
Collaborator

@Kijewski Kijewski commented Jul 7, 2024
edited
Loading

This PR adds an HtmlSafeMarker trait. Types that implement this marker are know to never generate strings containing the characters < > & " ', so they don't have to be escaped.

All glory goes to @dtolnay's "Autoref-based stable specialization" case study / blog entry.

This PR is built on #53.

Resolves #51.

@Kijewski Kijewski force-pushed the pr-html-safe-types branch 4 times, most recently from ae52280 to 1f5bfeb Compare July 7, 2024 08:09
@Kijewski Kijewski marked this pull request as draft July 7, 2024 08:17
@Kijewski Kijewski force-pushed the pr-html-safe-types branch from 1f5bfeb to d436bef Compare July 7, 2024 08:26
@Kijewski Kijewski marked this pull request as ready for review July 7, 2024 08:26
@GuillaumeGomez
Copy link
Contributor

I'll review this one once #53 is merged if you don't mind. ;)

@Kijewski Kijewski force-pushed the pr-html-safe-types branch from d436bef to e4f28d0 Compare July 7, 2024 20:58
@GuillaumeGomez
Copy link
Contributor

Please add an entry in the filters chapter to let users (like me hehehe) know how to use this feature.

Kijewski added 3 commits July 8, 2024 20:23
@Kijewski
Add HTML safe types
e3948ed 
This PR adds an `HtmlSafeMarker` trait. Types that implement this marker
are know to never generate strings containing the characters `< > & " '`,
so they don't have to be escaped.

All glory goes to \@dtolnay's ["Autoref-based stable specialization"][1]
case study / blog entry.

[1]: <https://github.com/dtolnay/case-studies/blob/0a9f083f334e53bc854a80022b1984b1bae36ef6/autoref-specialization/README.md>
@Kijewski
Add Safe and MaybeSafe wrappers for custom filters
6a45bbd 
Also a documentation that there is no `Unsafe` wrapper, because that's
the default anyway.
@Kijewski
Update book
d946e1e
@Kijewski Kijewski force-pushed the pr-html-safe-types branch from e4f28d0 to d946e1e Compare July 8, 2024 18:58
@Kijewski
Copy link
Collaborator Author

Kijewski commented Jul 8, 2024

Yeah, I guess the usage was not entirely self-explanatory. :D

Added a section to the book. I also renamed HtmlSafeMarker into HtmlSafe.

@Kijewski Kijewski marked this pull request as draft July 9, 2024 05:36
@Kijewski Kijewski marked this pull request as ready for review July 9, 2024 05:43
@Kijewski
Copy link
Collaborator Author

Kijewski commented Jul 9, 2024

I added more tests, and replaced MaybeSafe::safe: bool with MaybeSafe::needs_escaping: bool. A feature that might be dangerous if used wrong should be hard to misunderstand.

GuillaumeGomez
GuillaumeGomez reviewed Jul 9, 2024
View reviewed changes
rinja/src/filters/escape.rs Outdated
/// "<div class='<script>'></div>",
/// );
/// ```
pub struct MaybeSafe<T: fmt::Display> {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this type would be better as an enum (with variables Safe and NeedsEscaping?).

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, you're right. 👍 It's less error prone. And actually its easier to use I just noticed while implementing the change.

GuillaumeGomez
GuillaumeGomez previously approved these changes Jul 9, 2024
View reviewed changes
@GuillaumeGomez
Copy link
Contributor

Looks good to me, thanks! Please merge once CI is happy.

@Kijewski Kijewski force-pushed the pr-html-safe-types branch from 8d4cfe4 to 92157ee Compare July 9, 2024 10:15
@Kijewski Kijewski merged commit 4ba6729 into rinja-rs:master Jul 9, 2024
17 checks passed
@Kijewski Kijewski deleted the pr-html-safe-types branch July 9, 2024 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GuillaumeGomez GuillaumeGomez GuillaumeGomez left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make it possible to return "safe" content from filters
2 participants
@Kijewski @GuillaumeGomez