Commit graph

19 commits

Author SHA1 Message Date
0ko f9ac5b327a Remove title from email heads (#3810)
One part of https://codeberg.org/forgejo/forgejo/pulls/3316, though it may have a little more files touched because I re-created the changes.

> Removed HTML `<title>` part in `<head>` that was present inconsistently in these emails. It doesn't appear to be used by other websites. After all, these are emails, not webpages.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3810
Reviewed-by: Otto <otto@codeberg.org>
2024-05-17 10:10:33 +00:00
Earl Warren 60aa763c51
templates: remove superfluous SanitizeHTML
Introduced by Rename Str2html to SanitizeHTML and clarify its behavior (followup)
2024-03-11 23:36:58 +07:00
Earl Warren 801792e4dc
Rename Str2html to SanitizeHTML and clarify its behavior (followup) 2024-03-06 12:10:45 +08:00
wxiaoguang 70f3c32b91
Remove incorrect and unnecessary Escape from templates (#29394)
Follow #29165

* some of them are incorrect, which would lead to double escaping (eg:
`(print (Escape $.RepoLink)`)
* other of them are not necessary, because `Tr` handles strings&HTML
automatically

Suggest to review by "unified view":
https://github.com/go-gitea/gitea/pull/29394/files?diff=unified&w=0

(cherry picked from commit d2f6588b66549b33adf8bac7044d03c89d668470)

Conflicts:
	templates/code/searchcombo.tmpl
	templates/mail/auth/register_notify.tmpl
	templates/mail/issue/default.tmpl
	templates/repo/code/recently_pushed_new_branches.tmpl
	templates/repo/search.tmpl
	templates/repo/settings/protected_branch.tmpl
	templates/user/auth/activate.tmpl
	templates/user/auth/forgot_passwd.tmpl
	templates/user/dashboard/feeds.tmpl
	context
2024-02-26 22:30:27 +01:00
wxiaoguang 31ab331b23
Remove incorrect HTML self close tag (#23748)
HTML is not XML.
2023-03-27 18:05:51 +02:00
Gusted d55a0b7238
Refactor i18n to locale (#20153)
* Refactor `i18n` to `locale`

- Currently we're using the `i18n` variable naming for the `locale`
struct. This contains locale's specific information and cannot be used
for general i18n purpose, therefore refactoring it to `locale` makes
more sense.
- Ref: https://github.com/go-gitea/gitea/pull/20096#discussion_r906699200

* Update routers/install/install.go
2022-06-27 15:58:46 -05:00
zeripath 5248232c44
Try to prevent autolinking of displaynames by email readers (#19169)
Unfortunately many email readers will (helpfully) detect url or url-like names and
automatically create links to them, even in HTML emails. This is not ideal when
usernames can have dots in them.

This PR tries to prevent this behaviour by sticking ZWJ characters between dots and
also set the meta tag to prevent format detection.

Not every email template has been changed in this way - just the activation emails but
it may be that we should be setting the above meta tag in all of our emails too.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 12:34:20 +00:00
zeripath bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
6543 be81dc8b20
Localize Email Templates (#16200)
close #14822
2021-06-23 14:33:21 +02:00
AJ ONeal 6dbd261852 UX + Security current user password reset (#5042)
* allow current user to reset their own password

* handle reset password edge cases properly and consistently

* remove dangling assignment

* properly label account recovery instead of reset password

* remove 'Click here' from button

* update English-only account-recovery templates
2019-04-18 10:23:59 +03:00
mrsdizzie 04003d9dc7 Make distinction between DisplayName and Username in email templates (#6495)
* Make distinction between DisplayName and Username in email templates

Store the actual username in the variable named Username and store the
separate DisplayName in another variable. This allows us to access the
actual username when we need, which currently fails if a user has set a
full name.

Fixes #6161

* Use u.Name directly

No need for extra function, also change use in all mail sending
functions here

* Don't include Username when not used
2019-04-04 10:52:48 +03:00
cezar97 51ba3df5ff Add noreferrer to rel='noopener` for <a> tags (#4328) 2018-07-03 19:52:36 -04:00
Michael Kuhn f86af9c280 Mention the possibility of resetting the password for new accounts (#3812)
This solves the problem of administrators creating accounts for users
that then do not know their initial password (without the administrator
sending it to them via some other channel).
2018-04-19 09:08:51 +08:00
Jonas 16732fbfde Removed email copyright year (#1348) 2017-03-21 18:00:39 +08:00
Bwko 5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Unknwon f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Adam Strzelecki da2585c11e Indent all templates with tabs
This commit improves templates readability, since all of them use consistent
indent with all template command blocks indented too.

1. Indents both HTML containers such as <div>, <p> and Go HTML template blocks
   such as {{if}} {{with}}

2. Cleans all trailing white-space

3. Adds trailing last line-break to each file
2015-12-08 00:57:46 +01:00
Unknwon d2808e38fe fix #1979 2015-11-18 14:51:38 -05:00
Unknwon 21e13cb51e #1525 Triggere mailer for admin created accounts 2015-09-25 19:45:44 -04:00