Changed: DB Params

2025-03-20 12:35:13 +01:00
parent 8640a12439
commit b71b3d12ca
822 changed files with 134218 additions and 0 deletions
--- a/templ/generator/test-attribute-escaping/expected.html
+++ b/templ/generator/test-attribute-escaping/expected.html
@@ -0,0 +1,6 @@
+<div>
+	<a href="about:invalid#TemplFailedSanitizationURL">text</a>
+</div>
+<div>
+	<button hx-post="/click" hx-trigger="click" hx-vals='{"val":"Value"}'>Click</button>
+</div>
--- a/templ/generator/test-attribute-escaping/render_test.go
+++ b/templ/generator/test-attribute-escaping/render_test.go
@@ -0,0 +1,23 @@
+package testhtml
+
+import (
+	_ "embed"
+	"testing"
+
+	"github.com/a-h/templ/generator/htmldiff"
+)
+
+//go:embed expected.html
+var expected string
+
+func Test(t *testing.T) {
+	component := BasicTemplate(`javascript: alert("xss");`)
+
+	diff, err := htmldiff.Diff(component, expected)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if diff != "" {
+		t.Error(diff)
+	}
+}
--- a/templ/generator/test-attribute-escaping/template.templ
+++ b/templ/generator/test-attribute-escaping/template.templ
@@ -0,0 +1,14 @@
+package testhtml
+
+templ BasicTemplate(url string) {
+	<div>
+		<a href={ templ.URL(url) }>text</a>
+	</div>
+	<div>
+		<button
+			hx-post="/click"
+			hx-trigger="click"
+			hx-vals='{"val":"Value"}'
+		>Click</button>
+	</div>
+}
--- a/templ/generator/test-attribute-escaping/template_templ.go
+++ b/templ/generator/test-attribute-escaping/template_templ.go
@@ -0,0 +1,49 @@
+// Code generated by templ - DO NOT EDIT.
+
+// templ: version: v0.3.833
+package testhtml
+
+//lint:file-ignore SA4006 This context is only used if a nested component is present.
+
+import "github.com/a-h/templ"
+import templruntime "github.com/a-h/templ/runtime"
+
+func BasicTemplate(url string) templ.Component {
+	return templruntime.GeneratedTemplate(func(templ_7745c5c3_Input templruntime.GeneratedComponentInput) (templ_7745c5c3_Err error) {
+		templ_7745c5c3_W, ctx := templ_7745c5c3_Input.Writer, templ_7745c5c3_Input.Context
+		if templ_7745c5c3_CtxErr := ctx.Err(); templ_7745c5c3_CtxErr != nil {
+			return templ_7745c5c3_CtxErr
+		}
+		templ_7745c5c3_Buffer, templ_7745c5c3_IsBuffer := templruntime.GetBuffer(templ_7745c5c3_W)
+		if !templ_7745c5c3_IsBuffer {
+			defer func() {
+				templ_7745c5c3_BufErr := templruntime.ReleaseBuffer(templ_7745c5c3_Buffer)
+				if templ_7745c5c3_Err == nil {
+					templ_7745c5c3_Err = templ_7745c5c3_BufErr
+				}
+			}()
+		}
+		ctx = templ.InitializeContext(ctx)
+		templ_7745c5c3_Var1 := templ.GetChildren(ctx)
+		if templ_7745c5c3_Var1 == nil {
+			templ_7745c5c3_Var1 = templ.NopComponent
+		}
+		ctx = templ.ClearChildren(ctx)
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 1, "<div><a href=\"")
+		if templ_7745c5c3_Err != nil {
+			return templ_7745c5c3_Err
+		}
+		var templ_7745c5c3_Var2 templ.SafeURL = templ.URL(url)
+		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(string(templ_7745c5c3_Var2)))
+		if templ_7745c5c3_Err != nil {
+			return templ_7745c5c3_Err
+		}
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 2, "\">text</a></div><div><button hx-post=\"/click\" hx-trigger=\"click\" hx-vals=\"{&#34;val&#34;:&#34;Value&#34;}\">Click</button></div>")
+		if templ_7745c5c3_Err != nil {
+			return templ_7745c5c3_Err
+		}
+		return nil
+	})
+}
+
+var _ = templruntime.GeneratedTemplate