Commit Graph

13 Commits

Author SHA1 Message Date
zeripath
5248232c44
Try to prevent autolinking of displaynames by email readers (#19169)
Unfortunately many email readers will (helpfully) detect url or url-like names and
automatically create links to them, even in HTML emails. This is not ideal when
usernames can have dots in them.

This PR tries to prevent this behaviour by sticking ZWJ characters between dots and
also set the meta tag to prevent format detection.

Not every email template has been changed in this way - just the activation emails but
it may be that we should be setting the above meta tag in all of our emails too.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 12:34:20 +00:00
zeripath
bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Meano
07284792d4
Fix invalid params and typo of email templates (#16394)
Signed-off-by: Meano <meanocat@gmail.com>
2021-07-10 19:40:14 +02:00
6543
be81dc8b20
Localize Email Templates (#16200)
close #14822
2021-06-23 14:33:21 +02:00
mrsdizzie
04003d9dc7 Make distinction between DisplayName and Username in email templates (#6495)
* Make distinction between DisplayName and Username in email templates

Store the actual username in the variable named Username and store the
separate DisplayName in another variable. This allows us to access the
actual username when we need, which currently fails if a user has set a
full name.

Fixes #6161

* Use u.Name directly

No need for extra function, also change use in all mail sending
functions here

* Don't include Username when not used
2019-04-04 10:52:48 +03:00
cezar97
51ba3df5ff Add noreferrer to rel='noopener` for <a> tags (#4328) 2018-07-03 19:52:36 -04:00
Arif
6e98812ecf Fix copy in email templates (#2801) 2017-10-29 23:57:05 +02:00
Jonas Östanbäck
b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
2017-05-29 02:35:47 -05:00
Jonas
16732fbfde Removed email copyright year (#1348) 2017-03-21 18:00:39 +08:00
Bwko
5ab85372da Added rel="noopener" to target="_blank" hrefs (#327)
* Added rel="noopener" to target="_blank" hrefs

* Replaced gogs.io/docs with docs.gitea.io
2016-12-02 09:12:16 +08:00
Unknwon
f1b8d52eb3 #2854 fix no mail notification when issue is closed/reopened 2016-07-16 00:36:39 +08:00
Adam Strzelecki
da2585c11e Indent all templates with tabs
This commit improves templates readability, since all of them use consistent
indent with all template command blocks indented too.

1. Indents both HTML containers such as <div>, <p> and Go HTML template blocks
   such as {{if}} {{with}}

2. Cleans all trailing white-space

3. Adds trailing last line-break to each file
2015-12-08 00:57:46 +01:00
Unknwon
373731f5e8 user gomail and new activate account email tpl
- #1496: fallback plain text
- #1002: add date header
- #913: fix encoding of header
2015-09-17 01:54:12 -04:00