diff --git a/snippetbox/cmd/web/handlers.go b/snippetbox/cmd/web/handlers.go
index 5c77f5e..b574838 100644
--- a/snippetbox/cmd/web/handlers.go
+++ b/snippetbox/cmd/web/handlers.go
@@ -22,9 +22,8 @@ func (app *application) home(w http.ResponseWriter, r *http.Request) {
return
}
- data := templateData{
- Snippets: snippets,
- }
+ data := app.newTemplateData(r)
+ data.Snippets = snippets
app.render(w, r, http.StatusOK, "home.tmpl", data)
}
@@ -47,9 +46,8 @@ func (app *application) snippetView(w http.ResponseWriter, r *http.Request) {
return
}
- data := templateData{
- Snippet: snippet,
- }
+ data := app.newTemplateData(r)
+ data.Snippet = snippet
app.render(w, r, http.StatusOK, "view.tmpl", data)
}
diff --git a/snippetbox/cmd/web/helpers.go b/snippetbox/cmd/web/helpers.go
index 6b7e19c..13a9866 100644
--- a/snippetbox/cmd/web/helpers.go
+++ b/snippetbox/cmd/web/helpers.go
@@ -6,8 +6,17 @@ import (
"log/slog"
"net/http"
"runtime/debug"
+ "time"
)
+// newTemplateData ...
+func (app *application )newTemplateData(r *http.Request) templateData {
+ return templateData{
+ CurrentYear: time.Now().Year(),
+ }
+
+}
+
// render ...
func (app *application) render(w http.ResponseWriter, r *http.Request, status int, page string, data templateData) {
ts, ok := app.templateCache[page]
diff --git a/snippetbox/cmd/web/middleware.go b/snippetbox/cmd/web/middleware.go
new file mode 100644
index 0000000..3cd0b1c
--- /dev/null
+++ b/snippetbox/cmd/web/middleware.go
@@ -0,0 +1,18 @@
+package main
+
+import (
+ "net/http"
+)
+
+func secureHeaders(next http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ w.Header().Set("Content-Security-Policy",
+ "default-src 'self'; style-src 'self' fonts.googleapis.com; font-src fonts.gstatic.com")
+ w.Header().Set("Referrer-Policy", "origin-when-cross-origin")
+ w.Header().Set("X-Content-Type-Options", "nosniff")
+ w.Header().Set("X-Frame-Options", "deny")
+ w.Header().Set("X-XSS-Protection", "0")
+
+ next.ServeHTTP(w, r)
+ })
+}
diff --git a/snippetbox/cmd/web/routes.go b/snippetbox/cmd/web/routes.go
index 9f67c0b..0641145 100644
--- a/snippetbox/cmd/web/routes.go
+++ b/snippetbox/cmd/web/routes.go
@@ -5,7 +5,7 @@ import (
)
// routes ...
-func (app *application) routes() *http.ServeMux {
+func (app *application) routes() http.Handler {
mux := http.NewServeMux()
// setup server for static files
@@ -16,5 +16,5 @@ func (app *application) routes() *http.ServeMux {
mux.HandleFunc("/snippet/view", app.snippetView)
mux.HandleFunc("/snippet/create", app.snippetCreate)
- return mux
+ return secureHeaders(mux)
}
diff --git a/snippetbox/cmd/web/templates.go b/snippetbox/cmd/web/templates.go
index 79e5d76..0f63951 100644
--- a/snippetbox/cmd/web/templates.go
+++ b/snippetbox/cmd/web/templates.go
@@ -3,15 +3,26 @@ package main
import (
"html/template"
"path/filepath"
+ "time"
"snippetbox.chaosfem.tw/internal/models"
)
type templateData struct {
+ CurrentYear int
Snippet models.Snippet
Snippets []models.Snippet
}
+// humanDate ...
+func humanDate(t time.Time) string {
+ return t.Format("02 Jan 2006 at 15:04")
+}
+
+var functions = template.FuncMap{
+ "humanDate": humanDate,
+}
+
// newTemplateCache ...
func newTemplateCache() (map[string]*template.Template, error) {
cache := map[string]*template.Template{}
@@ -24,7 +35,7 @@ func newTemplateCache() (map[string]*template.Template, error) {
for _, page := range pages {
name := filepath.Base(page)
- ts, err := template.ParseFiles("./ui/html/base.tmpl")
+ ts, err := template.New(name).Funcs(functions).ParseFiles("./ui/html/base.tmpl")
if err != nil {
return nil, err
}
diff --git a/snippetbox/ui/html/base.tmpl b/snippetbox/ui/html/base.tmpl
index 3786d63..3e0369d 100644
--- a/snippetbox/ui/html/base.tmpl
+++ b/snippetbox/ui/html/base.tmpl
@@ -16,7 +16,9 @@
{{template "main" .}}
-
+