mirror of
https://github.com/tiennm99/tsuki.git
synced 2026-05-23 12:26:04 +00:00
tiennm99
1eafaefff8
Security: - render-link: drop `| safeHTML` on .Text (self-XSS surface w/ Goldmark unsafe:true) - projects.html: safeURL + noreferrer + target=_blank on repo/demo - comments: require repo+repoId+categoryId in gate (prevent broken Giscus iframe) - htmltest-action: pin to commit SHA 31be84a (supply-chain) Fixed: - seo.html: nil-safe \$authorURL chain (no nil.url template error) - nav.html: relURL on Menu.URL (sub-path deploy correctness) - pages.yml: drop dead if-find Pagefind guard
25 lines
1.0 KiB
HTML
25 lines
1.0 KiB
HTML
{{- $g := site.Params.comments.giscus -}}
|
|
{{- if and $g $g.enable $g.repo $g.repoId $g.categoryId -}}
|
|
{{- if ne .Params.comments false -}}
|
|
<section class="comments" aria-labelledby="comments-heading">
|
|
<h2 id="comments-heading" class="comments-heading">{{ i18n "comments" | default "Bình luận" }}</h2>
|
|
<div class="giscus" data-giscus></div>
|
|
<script src="https://giscus.app/client.js"
|
|
data-repo="{{ $g.repo }}"
|
|
data-repo-id="{{ $g.repoId }}"
|
|
data-category="{{ $g.category | default "Announcements" }}"
|
|
data-category-id="{{ $g.categoryId }}"
|
|
data-mapping="{{ $g.mapping | default "pathname" }}"
|
|
data-strict="{{ $g.strict | default "0" }}"
|
|
data-reactions-enabled="{{ $g.reactionsEnabled | default "1" }}"
|
|
data-emit-metadata="0"
|
|
data-input-position="{{ $g.inputPosition | default "bottom" }}"
|
|
data-theme="{{ $g.theme | default "preferred_color_scheme" }}"
|
|
data-lang="{{ $g.lang | default "vi" }}"
|
|
data-loading="lazy"
|
|
crossorigin="anonymous"
|
|
async></script>
|
|
</section>
|
|
{{- end -}}
|
|
{{- end -}}
|