Skip to main content

rustio_core/admin/
ui.rs

1//! HTML-escape helper used by Rust code that still concatenates
2//! small fragments outside the main minijinja templates (e.g. FK
3//! cell links inside `list_render`, form-field controls inside
4//! `form_render`). Every shell element — topbar, sidebar, page
5//! header — is rendered through templates as of 0.10.
6//!
7//! When templates can express something completely, prefer the
8//! template path over adding helpers here.
9
10/// HTML-escape user-supplied text for interpolation into attributes
11/// and text content. Handles `&`, `<`, `>`, `"`, `'`.
12pub fn html_escape(s: &str) -> String {
13    let mut out = String::with_capacity(s.len());
14    for c in s.chars() {
15        match c {
16            '&' => out.push_str("&amp;"),
17            '<' => out.push_str("&lt;"),
18            '>' => out.push_str("&gt;"),
19            '"' => out.push_str("&quot;"),
20            '\'' => out.push_str("&#39;"),
21            _ => out.push(c),
22        }
23    }
24    out
25}
26
27#[cfg(test)]
28mod tests {
29    use super::*;
30
31    #[test]
32    fn html_escape_handles_specials() {
33        assert_eq!(
34            html_escape("a & b < c > d \"e\" 'f'"),
35            "a &amp; b &lt; c &gt; d &quot;e&quot; &#39;f&#39;"
36        );
37    }
38}