[pbs-devel] [PATCH proxmox v4 4/7] rest-server: add custom handlebars escape fn

Gabriel Goller g.goller at proxmox.com
Fri Sep 13 15:10:30 CEST 2024


Add a custom handlebars escape function. It's nearly identical to the
default `html_escape` fn [0], but it does not escape the '='. This is
needed to support base64 encoded values.

[0]: https://docs.rs/handlebars/latest/handlebars/fn.html_escape.html

Signed-off-by: Gabriel Goller <g.goller at proxmox.com>
---
 proxmox-rest-server/src/api_config.rs | 28 ++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/proxmox-rest-server/src/api_config.rs b/proxmox-rest-server/src/api_config.rs
index ddc37f2253a6..c37e49d1f04f 100644
--- a/proxmox-rest-server/src/api_config.rs
+++ b/proxmox-rest-server/src/api_config.rs
@@ -62,7 +62,7 @@ impl ApiConfig {
             privileged_addr: None,
 
             #[cfg(feature = "templates")]
-            templates: Default::default(),
+            templates: templates::Templates::with_escape_fn(),
         }
     }
 
@@ -335,6 +335,32 @@ mod templates {
     }
 
     impl Templates {
+        pub fn with_escape_fn() -> Templates {
+            let mut registry = Handlebars::new();
+            // This is the same as the default `html_escape` fn in
+            // handlebars, **but** it does not escape the '='. This
+            // is to preserve base64 values.
+            registry.register_escape_fn(|value| {
+                let mut output = String::new();
+                for c in value.chars() {
+                    match c {
+                        '<' => output.push_str("<"),
+                        '>' => output.push_str(">"),
+                        '"' => output.push_str("""),
+                        '&' => output.push_str("&"),
+                        '\'' => output.push_str("&#x27;"),
+                        '`' => output.push_str("&#x60;"),
+                        _ => output.push(c),
+                    }
+                }
+                output
+            });
+            Self {
+                templates: RwLock::new(registry),
+                template_files: RwLock::new(HashMap::new()),
+            }
+        }
+
         pub fn register<P>(&self, name: &str, path: P) -> Result<(), Error>
         where
             P: Into<PathBuf>,
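Review bot: The closure registered in `with_escape_fn` becomes the escape function for every template in this registry, and dropping `=` removes protection the default `html_escape` gives to values interpolated into unquoted attribute positions, so the result is only as safe as the default where values land in element content or inside quoted attribute values. The hunk does not state that constraint for template authors; I would extend the existing comment with `// NOTE: templates must always quote attribute values, since '=' is no longer escaped.` and repeat it as a `///` doc line on `with_escape_fn`. A unit test that asserts the six remaining characters are still escaped, and that a base64 string with `=` padding passes through unchanged, would keep this hand-copied table from drifting from the upstream function. As rendered on this page the replacement strings for `<`, `>`, `"` and `&` appear as the raw characters, presumably because the archive decoded the entities; the applied patch should be checked to contain `&lt;`, `&gt;`, `&quot;` and `&amp;`. The `impl Templates` block begins before and continues past this hunk.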
-- 
2.39.2




