cc_token_usage/output/html_new.rs
1/// The Vue frontend template, built from frontend/dist/index.html
2/// Rebuild with: cd frontend && npm run build && cp frontend/dist/index.html crates/cc-token-usage/src/output/template.html
3const TEMPLATE: &str = include_str!("template.html");
4
5/// Render the new Vue dashboard by injecting real data into the template.
6///
7/// Escapes dangerous sequences in JSON payload before embedding in `<script>`:
8/// - `</` → `<\/` prevents premature `</script>` closure
9/// - `<!--` → `<\!--` prevents HTML comment injection
10pub fn render_vue_dashboard(json_payload: &str) -> String {
11 let safe_payload = json_payload.replace("</", "<\\/").replace("<!--", "<\\!--");
12 TEMPLATE.replace("\"__DATA_PLACEHOLDER__\"", &safe_payload)
13}