1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
package tplfuncs
import (
"fmt"
"html/template"
"io"
"io/fs"
"path"
"code.crute.us/mcrute/golib/echo/middleware"
"github.com/labstack/echo/v4"
)
type TemplateEmbeder struct {
templateStore fs.FS
}
func (t *TemplateEmbeder) ConfigureTemplateStore(store fs.FS) {
t.templateStore = store
}
func (t *TemplateEmbeder) Embed(filename string) ([]byte, error) {
if t.templateStore == nil {
return nil, fmt.Errorf("EmbedWithCSP: has not been setup with template store")
}
fd, err := t.templateStore.Open(filename)
if err != nil {
return nil, err
}
defer fd.Close()
fc, err := io.ReadAll(fd)
if err != nil {
return nil, err
}
return fc, nil
}
func (t *TemplateEmbeder) EmbedHTML(filename string) (any, error) {
d, err := t.Embed(filename)
return template.HTML(d), err
}
func (t *TemplateEmbeder) embedWithCSP(filename string, c echo.Context) ([]byte, error) {
fc, err := t.Embed(filename)
if err != nil {
return nil, err
}
csp := &middleware.ContentSecurityPolicyConfig{}
switch path.Ext(filename) {
case ".js", ".json":
csp.ScriptSrc = []middleware.CSPDirective{
middleware.CSPSha256FromBytes(fc),
}
case ".css":
csp.StyleSrc = []middleware.CSPDirective{
middleware.CSPSha256FromBytes(fc),
}
default:
return nil, fmt.Errorf("EmbedWithCSP: file %s can not be embedded", filename)
}
middleware.ExtendCSP(c, csp)
return fc, nil
}
func (t *TemplateEmbeder) EmbedJSWithCSP(filename string, c echo.Context) (any, error) {
d, err := t.embedWithCSP(filename, c)
return template.JS(d), err
}
|