route: no session for routes without UI (#6066)

Not all routes need session, register session and CSRF middleware as global is a waste of resource, and creating a lot one-time off yet never used session records.
2025-12-22 00:00:07 +01:00 · 2020-04-05 06:36:08 +08:00
parent bae1d6ccd8
commit 07818d5fa5
10 changed files with 529 additions and 532 deletions
--- a/internal/app/api.go
+++ b/internal/app/api.go
@@ -9,8 +9,6 @@ import (

 	"github.com/microcosm-cc/bluemonday"
 	"gopkg.in/macaron.v1"
-
-	"gogs.io/gogs/internal/context"
 )

 func ipynbSanitizer() *bluemonday.Policy {
@@ -24,13 +22,13 @@ func ipynbSanitizer() *bluemonday.Policy {
 func SanitizeIpynb() macaron.Handler {
 	p := ipynbSanitizer()

-	return func(c *context.Context) {
+	return func(c *macaron.Context) {
 		html, err := c.Req.Body().String()
 		if err != nil {
-			c.Error(err, "read body")
+			c.Error(http.StatusInternalServerError, "read body")
 			return
 		}

-		c.PlainText(http.StatusOK, p.Sanitize(html))
+		c.PlainText(http.StatusOK, []byte(p.Sanitize(html)))
 	}
 }