Documentation
¶
Overview ¶
Package render handles HTML template rendering and markdown-to-HTML conversion for the registry site.
Index ¶
- func CopyStaticAssets(srcDir, dstDir string) error
- func RenderMarkdown(markdown []byte) (template.HTML, error)
- func SanitizeHTML(html []byte) []byte
- func SanitizeSVG(svgContent []byte) template.HTML
- func SanitizeVCTM(vctm *VCTMData)
- func ValidateCredentialImageURI(uri string) bool
- func WriteOpenAPISpec(path string) error
- type AttributeCredRef
- type AttributeData
- type CredentialData
- type FormatInfo
- type OrgData
- type Renderer
- func (r *Renderer) RenderAPIDocs(outputDir string, data SiteData) error
- func (r *Renderer) RenderAttributes(outputDir string, data SiteData) error
- func (r *Renderer) RenderCredential(outputDir string, data CredentialData) error
- func (r *Renderer) RenderExtraDocPages(outputDir string, data SiteData) error
- func (r *Renderer) RenderIndex(outputDir string, data SiteData) error
- func (r *Renderer) RenderOrg(outputDir string, data OrgData) error
- func (r *Renderer) RenderRulebook(outputDir string, data CredentialData) error
- func (r *Renderer) RenderTS11Docs(outputDir string, data SiteData) error
- type SiteData
- type VCTMClaim
- type VCTMClaimDisplay
- type VCTMData
- type VCTMDisplay
- type VCTMImage
- type VCTMRendering
- type VCTMSVGTemplate
- type VCTMTemplateProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CopyStaticAssets ¶
CopyStaticAssets copies static files (CSS, images) from a source directory to the output directory, preserving the directory structure.
func RenderMarkdown ¶
RenderMarkdown converts markdown content to sanitized HTML. The output is sanitized with bluemonday to prevent XSS from untrusted markdown sources (e.g. external git repositories, rulebooks). Uses a strict policy that blocks dangerous elements while allowing safe formatting (bold, italic, links, tables, etc).
func SanitizeHTML ¶ added in v0.13.0
SanitizeHTML applies strict sanitization to HTML content from untrusted sources. Blocks dangerous elements while preserving safe formatting: - Allowed: paragraphs, headings, bold, italic, links, tables, lists, code, blockquotes - Blocked: scripts, objects, embeds, SVGs, style tags, event handlers, javascript: URIs - Blocked: style attributes that could inject CSS
func SanitizeSVG ¶ added in v0.13.0
SanitizeSVG sanitizes inline SVG content to remove scripts and event handlers. Inline SVGs from credential metadata are processed separately to allow safe SVG display while blocking XSS attacks. Returns empty string if SVG contains dangerous content that cannot be safely sanitized.
func SanitizeVCTM ¶ added in v0.13.0
func SanitizeVCTM(vctm *VCTMData)
SanitizeVCTM validates and sanitizes VCTM data from external sources. Validates image URIs to prevent data: URIs and other dangerous protocols. Mutates the input VCTM to remove unsafe URI references.
func ValidateCredentialImageURI ¶ added in v0.13.0
ValidateCredentialImageURI checks if an image URI is safe for credential display. Only allows http/https URIs, blocks data: URIs and javascript: protocols.
func WriteOpenAPISpec ¶
WriteOpenAPISpec writes the embedded OpenAPI specification to the given path.
Types ¶
type AttributeCredRef ¶ added in v0.7.0
type AttributeCredRef struct {
Org string
Slug string
Name string // credential display name or slug
}
AttributeCredRef links an attribute back to a credential.
type AttributeData ¶ added in v0.7.0
type AttributeData struct {
Path string // dot-joined claim path
DisplayName string // first non-empty display name found
Credentials []AttributeCredRef
}
AttributeData holds a single attribute (claim) with references to the credentials that define it.
func CollectAttributes ¶ added in v0.7.0
func CollectAttributes(credentials []CredentialData) []AttributeData
CollectAttributes aggregates claims from all credentials into a deduplicated cross-cutting index. Claims with the same dot-path are merged, collecting references to all credentials that define them.
type CredentialData ¶
type CredentialData struct {
Org string
Slug string
Schema *schemameta.SchemaMeta
TS11Compliant bool
HasRulebook bool
RulebookHTML template.HTML
// VCTM content
VCTM *VCTMData
RawVCTMJSON string
RawMdocJSON string
RawVCJSON string
HasMdoc bool
HasVC bool
AvailableFormats []FormatInfo
// Source info
SourceURL string
SourceOrg string
SourceRepo string
}
CredentialData holds the data for rendering a credential detail page.
type FormatInfo ¶
FormatInfo describes an available credential format file for download.
type OrgData ¶
type OrgData struct {
Name string
Credentials []CredentialData
HasTS11 bool
AvatarURL string
}
OrgData holds the data for rendering an organization page.
type Renderer ¶
type Renderer struct {
// contains filtered or unexported fields
}
Renderer renders HTML pages from Go templates.
func NewRenderer ¶
NewRenderer creates a renderer, loading default templates and optionally overlaying site-specific template overrides.
func (*Renderer) RenderAPIDocs ¶
RenderAPIDocs renders the API reference page.
func (*Renderer) RenderAttributes ¶ added in v0.7.0
RenderAttributes renders the Catalogue of Attributes page.
func (*Renderer) RenderCredential ¶
func (r *Renderer) RenderCredential(outputDir string, data CredentialData) error
RenderCredential renders a credential detail page.
func (*Renderer) RenderExtraDocPages ¶
RenderExtraDocPages renders any additional HTML templates loaded from the override directory that aren't part of the built-in set. They are rendered to docs/{name} in the output directory.
func (*Renderer) RenderIndex ¶
RenderIndex renders the site index page.
func (*Renderer) RenderRulebook ¶
func (r *Renderer) RenderRulebook(outputDir string, data CredentialData) error
RenderRulebook renders a rulebook markdown file to HTML.
type SiteData ¶
type SiteData struct {
BaseURL string
Credentials []CredentialData
BuildTime string
Orgs []OrgData
TS11Count int
Attributes []AttributeData
}
SiteData holds the data for rendering the site index page.
type VCTMClaim ¶
type VCTMClaim struct {
Path []string `json:"path"`
Display []VCTMClaimDisplay `json:"display,omitempty"`
}
VCTMClaim holds a single claim definition.
type VCTMClaimDisplay ¶
type VCTMClaimDisplay struct {
Name string `json:"name,omitempty"`
Locale string `json:"locale,omitempty"`
}
VCTMClaimDisplay holds display info for a claim.
type VCTMData ¶
type VCTMData struct {
VCT string `json:"vct,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Extends string `json:"extends,omitempty"`
Display []VCTMDisplay `json:"display,omitempty"`
Claims []VCTMClaim `json:"claims,omitempty"`
}
VCTMData holds parsed SD-JWT VC Type Metadata content.
type VCTMDisplay ¶
type VCTMDisplay struct {
Locale string `json:"locale,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
BackgroundColor string `json:"background_color,omitempty"`
TextColor string `json:"text_color,omitempty"`
Logo *VCTMImage `json:"logo,omitempty"`
BackgroundImage *VCTMImage `json:"background_image,omitempty"`
Rendering *VCTMRendering `json:"rendering,omitempty"`
}
VCTMDisplay holds display properties for a VCTM credential.
type VCTMImage ¶
type VCTMImage struct {
URI string `json:"uri,omitempty"`
AltText string `json:"alt_text,omitempty"`
}
VCTMImage holds image data (logo or background).
type VCTMRendering ¶
type VCTMRendering struct {
SVGTemplates []VCTMSVGTemplate `json:"svg_templates,omitempty"`
}
VCTMRendering holds rendering hints for a display entry.
type VCTMSVGTemplate ¶
type VCTMSVGTemplate struct {
URI string `json:"uri,omitempty"`
Properties *VCTMTemplateProps `json:"properties,omitempty"`
}
VCTMSVGTemplate holds an SVG template reference.
type VCTMTemplateProps ¶
type VCTMTemplateProps struct {
Orientation string `json:"orientation,omitempty"`
ColorScheme string `json:"color_scheme,omitempty"`
Contrast string `json:"contrast,omitempty"`
}
VCTMTemplateProps describes SVG template rendering properties.