MCPcopy Index your code
hub / github.com/ZenNotes/zennotes / injectBasePathHint

Function injectBasePathHint

apps/server/internal/httpserver/server.go:1056–1066  ·  view source on GitHub ↗

injectBasePathHint splices a ` ` tag into the SPA shell so the bundled JS can route API calls through the configured prefix. A meta tag (instead of an inline script) keeps us inside the strict CSP — script-src is locked to 'self'.

(body []byte, basePath string)

Source from the content-addressed store, hash-verified

1054// configured prefix. A meta tag (instead of an inline script) keeps us
1055// inside the strict CSP — script-src is locked to 'self'.
1056func injectBasePathHint(body []byte, basePath string) []byte {
1057 snippet := []byte(`<meta name="zn-base-path" content="` + htmlAttrEscape(basePath) + `">`)
1058 if idx := indexOfFold(body, []byte("</head>")); idx >= 0 {
1059 out := make([]byte, 0, len(body)+len(snippet))
1060 out = append(out, body[:idx]...)
1061 out = append(out, snippet...)
1062 out = append(out, body[idx:]...)
1063 return out
1064 }
1065 return append(snippet, body...)
1066}
1067
1068// htmlAttrEscape escapes the characters that would let a base-path
1069// value break out of a double-quoted HTML attribute.

Callers 1

serveIndexHTMLMethod · 0.85

Calls 3

htmlAttrEscapeFunction · 0.85
indexOfFoldFunction · 0.85
appendFunction · 0.85

Tested by

no test coverage detected