From ee285bcb0302c225c7949e91afb1055fdb632f13 Mon Sep 17 00:00:00 2001
From: Peter Sanchez
Date: Wed, 25 Sep 2024 18:26:14 -0600
Subject: [PATCH] Fixing overly helpful go template encoding issue with
specific org member invite emails
---
api/graph/schema.resolvers.go | 10 ++++------
core/routes.go | 4 ++--
templates/email_add_member_invitation_html.html | 2 +-
templates/email_add_member_invitation_text.txt | 2 +-
4 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/api/graph/schema.resolvers.go b/api/graph/schema.resolvers.go
index a6d4304..694043d 100644
--- a/api/graph/schema.resolvers.go
+++ b/api/graph/schema.resolvers.go
@@ -11,7 +11,6 @@ import (
"encoding/base64"
"encoding/json"
"fmt"
- "html/template"
"image"
"image/jpeg"
"image/png"
@@ -874,20 +873,19 @@ func (r *mutationResolver) AddMember(ctx context.Context, input *model.MemberInp
}
confURL := links.GetLinksDomainURL(c)
- q := url.Values{}
- q.Set("key", conf.Key)
+ confURL.Path = fmt.Sprintf("/member/confirm/%s", conf.Key)
if isNewUser {
+ q := url.Values{}
q.Set("redirect", "true")
+ confURL.RawQuery = q.Encode()
}
- confURL.Path = "/member/confirm"
- confURL.RawQuery = q.Encode()
data := gobwebs.Map{
"title": lt.Translate("Link Taco: Invitation to join organization"),
"currentUser": currentUser.Name,
"user": user.Name,
"org": org.Name,
- "confURL": template.URL(confURL.String()),
+ "confURL": confURL.String(),
}
helper := email.NewHelper(srv.Email, tmap, tmpl)
err = helper.Send(
diff --git a/core/routes.go b/core/routes.go
index a5ece5c..45fafc6 100644
--- a/core/routes.go
+++ b/core/routes.go
@@ -47,7 +47,7 @@ func (s *Service) RegisterRoutes() {
s.Group.GET("/popular", s.PopularLinkList).Name = s.RouteName("popular_link_list")
s.Group.GET("/popular/rss", s.PopularLinkList).Name = s.RouteName("popular_link_list_rss")
s.Group.GET("/lang", SwiftLang).Name = s.RouteName("lang_switch")
- s.Group.GET("/member/confirm", s.OrgMemberConfirmation).Name = s.RouteName("org_member_confirmation")
+ s.Group.GET("/member/confirm/:key", s.OrgMemberConfirmation).Name = s.RouteName("org_member_confirmation")
s.Group.GET("/q/:hash", s.QRRedirect).Name = s.RouteName("qr_redirect")
s.Group.GET("/tour", s.FeatureTour).Name = s.RouteName("feature_tour")
s.Group.GET("/pricing", s.PricingList).Name = s.RouteName("pricing_list")
@@ -1199,7 +1199,7 @@ func (s *Service) OrgMembersDelete(c echo.Context) error {
// OrgMemberConfirmation ...
func (s *Service) OrgMemberConfirmation(c echo.Context) error {
- key := c.QueryParam("key")
+ key := c.Param("key")
if key == "" {
return echo.NotFoundHandler(c)
}
diff --git a/templates/email_add_member_invitation_html.html b/templates/email_add_member_invitation_html.html
index f08a73f..3a610da 100644
--- a/templates/email_add_member_invitation_html.html
+++ b/templates/email_add_member_invitation_html.html
@@ -4,6 +4,6 @@
Please click the link below:
- {{.confURL}}
+ {{ htmlSafe .confURL }}
{{template "email_base_footer" .}}
diff --git a/templates/email_add_member_invitation_text.txt b/templates/email_add_member_invitation_text.txt
index c394ae0..b06f891 100644
--- a/templates/email_add_member_invitation_text.txt
+++ b/templates/email_add_member_invitation_text.txt
@@ -2,4 +2,4 @@ You have been invited by {{.currentUser}} to join {{.org}} in links.
Please click the link below:
-{{.confURL}}
+{{ htmlSafe .confURL }}
--
2.45.2