From 150df2435dee9112f2e944c4a72e24ad161717a6 Mon Sep 17 00:00:00 2001 From: video-prize-ranch Date: Fri, 22 Jul 2022 12:20:51 -0400 Subject: [PATCH] Fix tag backgrounds --- api/album.go | 29 +++++++++++++++-------------- api/tag.go | 29 +++++++++++++++-------------- pages/post.go | 20 ++++++++++++++++---- views/post.hbs | 7 ++++++- 4 files changed, 52 insertions(+), 33 deletions(-) diff --git a/api/album.go b/api/album.go index 93e9efb..18903e2 100644 --- a/api/album.go +++ b/api/album.go @@ -19,9 +19,9 @@ type Album struct { CreatedAt string UpdatedAt string Comments int64 - User User + User User Media []Media - Tags []Tag + Tags []Tag } type Media struct { @@ -30,8 +30,8 @@ type Media struct { Title string Description string Url string - Type string - MimeType string + Type string + MimeType string } var albumCache = cache.New(1*time.Hour, 15*time.Minute) @@ -52,7 +52,7 @@ func FetchAlbum(albumID string) (Album, error) { return Album{}, err } - albumCache.Set(albumID + "-album", album, cache.DefaultExpiration) + albumCache.Set(albumID+"-album", album, cache.DefaultExpiration) return album, err } @@ -72,7 +72,7 @@ func FetchPosts(albumID string) (Album, error) { return Album{}, err } - albumCache.Set(albumID + "-posts", album, cache.DefaultExpiration) + albumCache.Set(albumID+"-posts", album, cache.DefaultExpiration) return album, nil } @@ -81,7 +81,7 @@ func FetchMedia(mediaID string) (Album, error) { if found { return cacheData.(Album), nil } - + data, err := utils.GetJSON("https://api.imgur.com/post/v1/media/" + mediaID + "?client_id=" + utils.Config["imgurId"].(string) + "&include=media%2Caccount") if err != nil { return Album{}, err @@ -92,7 +92,7 @@ func FetchMedia(mediaID string) (Album, error) { return Album{}, err } - albumCache.Set(mediaID + "-media", album, cache.DefaultExpiration) + albumCache.Set(mediaID+"-media", album, cache.DefaultExpiration) return album, nil } @@ -121,9 +121,10 @@ func ParseAlbum(data gjson.Result) (Album, error) { data.Get("tags").ForEach( func(key gjson.Result, value gjson.Result) bool { tags = append(tags, Tag{ - Tag: value.Get("tag").String(), - Display: value.Get("display").String(), - Background: "/" + value.Get("background_id").String() + ".webp", + Tag: value.Get("tag").String(), + Display: value.Get("display").String(), + Background: "/" + value.Get("background_id").String() + ".webp", + BackgroundId: value.Get("background_id").String(), }) return true }, @@ -144,15 +145,15 @@ func ParseAlbum(data gjson.Result) (Album, error) { Comments: data.Get("comment_count").Int(), CreatedAt: createdAt, Media: media, - Tags: tags, + Tags: tags, } account := data.Get("account") if account.Raw != "" { album.User = User{ - Id: account.Get("id").Int(), + Id: account.Get("id").Int(), Username: account.Get("username").String(), - Avatar: strings.ReplaceAll(account.Get("avatar_url").String(), "https://i.imgur.com", ""), + Avatar: strings.ReplaceAll(account.Get("avatar_url").String(), "https://i.imgur.com", ""), } } diff --git a/api/tag.go b/api/tag.go index 9e016df..0e80148 100644 --- a/api/tag.go +++ b/api/tag.go @@ -13,12 +13,13 @@ import ( ) type Tag struct { - Tag string - Display string - Sort string - PostCount int64 - Posts []Submission - Background string + Tag string + Display string + Sort string + PostCount int64 + Posts []Submission + Background string + BackgroundId string } var tagCache = cache.New(15*time.Minute, 15*time.Minute) @@ -80,9 +81,9 @@ func FetchTag(tag string, sort string, page string) (Tag, error) { Title: value.Get("title").String(), Link: strings.ReplaceAll(value.Get("url").String(), "https://imgur.com", ""), Cover: Media{ - Id: value.Get("cover_id").String(), + Id: value.Get("cover_id").String(), Type: value.Get("cover.type").String(), - Url: strings.ReplaceAll(value.Get("cover.url").String(), "https://i.imgur.com", ""), + Url: strings.ReplaceAll(value.Get("cover.url").String(), "https://i.imgur.com", ""), }, Points: value.Get("point_count").Int(), Upvotes: value.Get("upvote_count").Int(), @@ -100,12 +101,12 @@ func FetchTag(tag string, sort string, page string) (Tag, error) { wg.Wait() tagData := Tag{ - Tag: tag, - Display: data.Get("display").String(), - Sort: sort, - PostCount: data.Get("post_count").Int(), - Posts: posts, - Background: "/" + data.Get("background_id").String() + ".webp", + Tag: tag, + Display: data.Get("display").String(), + Sort: sort, + PostCount: data.Get("post_count").Int(), + Posts: posts, + Background: "/" + data.Get("background_id").String() + ".webp", } tagCache.Set(tag, tagData, cache.DefaultExpiration) diff --git a/pages/post.go b/pages/post.go index 4999b40..a96bc75 100644 --- a/pages/post.go +++ b/pages/post.go @@ -1,6 +1,8 @@ package pages import ( + "crypto/rand" + "fmt" "strings" "codeberg.org/video-prize-ranch/rimgo/api" @@ -11,7 +13,6 @@ import ( func HandlePost(c *fiber.Ctx) error { utils.SetHeaders(c) c.Set("X-Frame-Options", "DENY") - c.Set("Content-Security-Policy", "default-src 'none'; media-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content") post, err := api.Album{}, error(nil) switch { @@ -26,7 +27,7 @@ func HandlePost(c *fiber.Ctx) error { c.Status(404) return c.Render("errors/404", nil) } - if err != nil { + if err != nil { return err } @@ -41,8 +42,19 @@ func HandlePost(c *fiber.Ctx) error { c.Set("Cache-Control", "public,max-age=31557600") } + nonce := "" + csp := "default-src 'none'; media-src 'self'; img-src 'self'; font-src 'self'; manifest-src 'self'; block-all-mixed-content; style-src 'self'" + if len(post.Tags) != 0 { + b := make([]byte, 8) + rand.Read(b) + nonce = fmt.Sprintf("%x", b) + csp = csp + " 'nonce-" + nonce + "'" + } + c.Set("Content-Security-Policy", csp) + return c.Render("post", fiber.Map{ - "post": post, + "post": post, "comments": comments, + "nonce": nonce, }) -} \ No newline at end of file +} diff --git a/views/post.hbs b/views/post.hbs index 1980791..a94d391 100644 --- a/views/post.hbs +++ b/views/post.hbs @@ -74,9 +74,14 @@ {{#if post.tags}}
+ {{#each post.tags}} -
+

{{this.Display}}