HTML-template data is HTML-encoded

Non-HTML-encoded HTML-template data causes problems in HTML
even when it appears inside JS string (resulting in the <script> tag being
closed by a </script> appearing inside a JS string).

Besides, the KIWIX_RESPONSE_DATA and KIWIX_RESPONSE_TEMPLATE variables
are set on the window object so that they can be accessed from the top
context.

This commit eliminates the need for the `escapeQuote` parameter in
`escapeForJSON()` (that was introduced earlier in this PR) since now it
is set to false in all call contexts. However from the consistency point
of view, the default and intuitive behaviour of `escapeForJSON()` should
be to escape the quote symbols, which justifies the existence of that
parameter.

src/server/response.cpp

@@ -305,7 +305,7 @@ std::unique_ptr<ContentResponse> ContentResponseBlueprint::generateResponseObjec
 {
   kainjow::mustache::data d = m_data->toMustache(m_request.get_user_language());
   if ( m_includeKiwixResponseData ) {
-    d.set("KIWIX_RESPONSE_TEMPLATE", escapeForJSON(m_template));
+    d.set("KIWIX_RESPONSE_TEMPLATE", escapeForJSON(m_template, false));
     d.set("KIWIX_RESPONSE_DATA", m_data->asJSON());
   }
   auto r = ContentResponse::build(m_template, d, m_mimeType);

static/templates/error.html

@@ -6,8 +6,8 @@
 {{#CSS_URL}}
     <link type="text/css" href="{{{CSS_URL}}}" rel="Stylesheet" />
 {{/CSS_URL}}{{#KIWIX_RESPONSE_DATA}}    <script>
-      const KIWIX_RESPONSE_TEMPLATE = "{{{KIWIX_RESPONSE_TEMPLATE}}}";
-      const KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};
+      window.KIWIX_RESPONSE_TEMPLATE = "{{KIWIX_RESPONSE_TEMPLATE}}";
+      window.KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};
     </script>{{/KIWIX_RESPONSE_DATA}}
   </head>
   <body>

test/response.cpp

@@ -46,8 +46,8 @@ R"(<!DOCTYPE html>
     <title>Content not found</title>
     <link type="text/css" href="/css/error.css" rel="Stylesheet" />
     <script>
-      const KIWIX_RESPONSE_TEMPLATE = "<!DOCTYPE html>\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n  <head>\n    <meta content=\"text/html;charset=UTF-8\" http-equiv=\"content-type\" />\n    <title>{{PAGE_TITLE}}</title>\n{{#CSS_URL}}\n    <link type=\"text/css\" href=\"{{{CSS_URL}}}\" rel=\"Stylesheet\" />\n{{/CSS_URL}}{{#KIWIX_RESPONSE_DATA}}    <script>\n      const KIWIX_RESPONSE_TEMPLATE = \"{{{KIWIX_RESPONSE_TEMPLATE}}}\";\n      const KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};\n    </script>{{/KIWIX_RESPONSE_DATA}}\n  </head>\n  <body>\n    <h1>{{PAGE_HEADING}}</h1>\n{{#details}}\n    <p>\n      {{{p}}}\n    </p>\n{{/details}}\n  </body>\n</html>\n";
-      const KIWIX_RESPONSE_DATA = { "CSS_URL" : "/css/error.css", "PAGE_HEADING" : { "msgid" : "404-page-heading", "params" : { } }, "PAGE_TITLE" : { "msgid" : "404-page-title", "params" : { } }, "details" : [ { "p" : { "msgid" : "suggest-search", "params" : { "PATTERN" : "asdf", "SEARCH_URL" : "/search?q=asdf" } } } ] };
+      window.KIWIX_RESPONSE_TEMPLATE = "&lt;!DOCTYPE html&gt;\n&lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;\n  &lt;head&gt;\n    &lt;meta content=&quot;text/html;charset=UTF-8&quot; http-equiv=&quot;content-type&quot; /&gt;\n    &lt;title&gt;{{PAGE_TITLE}}&lt;/title&gt;\n{{#CSS_URL}}\n    &lt;link type=&quot;text/css&quot; href=&quot;{{{CSS_URL}}}&quot; rel=&quot;Stylesheet&quot; /&gt;\n{{/CSS_URL}}{{#KIWIX_RESPONSE_DATA}}    &lt;script&gt;\n      window.KIWIX_RESPONSE_TEMPLATE = &quot;{{KIWIX_RESPONSE_TEMPLATE}}&quot;;\n      window.KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};\n    &lt;/script&gt;{{/KIWIX_RESPONSE_DATA}}\n  &lt;/head&gt;\n  &lt;body&gt;\n    &lt;h1&gt;{{PAGE_HEADING}}&lt;/h1&gt;\n{{#details}}\n    &lt;p&gt;\n      {{{p}}}\n    &lt;/p&gt;\n{{/details}}\n  &lt;/body&gt;\n&lt;/html&gt;\n";
+      window.KIWIX_RESPONSE_DATA = { "CSS_URL" : "/css/error.css", "PAGE_HEADING" : { "msgid" : "404-page-heading", "params" : { } }, "PAGE_TITLE" : { "msgid" : "404-page-title", "params" : { } }, "details" : [ { "p" : { "msgid" : "suggest-search", "params" : { "PATTERN" : "asdf", "SEARCH_URL" : "/search?q=asdf" } } } ] };
     </script>
   </head>
   <body>
@@ -86,8 +86,8 @@ R"(<!DOCTYPE html>
     <title>[I18N TESTING] Not Found - Try Again</title>
     <link type="text/css" href="/css/error.css" rel="Stylesheet" />
     <script>
-      const KIWIX_RESPONSE_TEMPLATE = "<!DOCTYPE html>\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n  <head>\n    <meta content=\"text/html;charset=UTF-8\" http-equiv=\"content-type\" />\n    <title>{{PAGE_TITLE}}</title>\n{{#CSS_URL}}\n    <link type=\"text/css\" href=\"{{{CSS_URL}}}\" rel=\"Stylesheet\" />\n{{/CSS_URL}}{{#KIWIX_RESPONSE_DATA}}    <script>\n      const KIWIX_RESPONSE_TEMPLATE = \"{{{KIWIX_RESPONSE_TEMPLATE}}}\";\n      const KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};\n    </script>{{/KIWIX_RESPONSE_DATA}}\n  </head>\n  <body>\n    <h1>{{PAGE_HEADING}}</h1>\n{{#details}}\n    <p>\n      {{{p}}}\n    </p>\n{{/details}}\n  </body>\n</html>\n";
-      const KIWIX_RESPONSE_DATA = { "CSS_URL" : "/css/error.css", "PAGE_HEADING" : { "msgid" : "404-page-heading", "params" : { } }, "PAGE_TITLE" : { "msgid" : "404-page-title", "params" : { } }, "details" : [ { "p" : { "msgid" : "suggest-search", "params" : { "PATTERN" : "asdf", "SEARCH_URL" : "/search?q=asdf" } } } ] };
+      window.KIWIX_RESPONSE_TEMPLATE = "&lt;!DOCTYPE html&gt;\n&lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;\n  &lt;head&gt;\n    &lt;meta content=&quot;text/html;charset=UTF-8&quot; http-equiv=&quot;content-type&quot; /&gt;\n    &lt;title&gt;{{PAGE_TITLE}}&lt;/title&gt;\n{{#CSS_URL}}\n    &lt;link type=&quot;text/css&quot; href=&quot;{{{CSS_URL}}}&quot; rel=&quot;Stylesheet&quot; /&gt;\n{{/CSS_URL}}{{#KIWIX_RESPONSE_DATA}}    &lt;script&gt;\n      window.KIWIX_RESPONSE_TEMPLATE = &quot;{{KIWIX_RESPONSE_TEMPLATE}}&quot;;\n      window.KIWIX_RESPONSE_DATA = {{{KIWIX_RESPONSE_DATA}}};\n    &lt;/script&gt;{{/KIWIX_RESPONSE_DATA}}\n  &lt;/head&gt;\n  &lt;body&gt;\n    &lt;h1&gt;{{PAGE_HEADING}}&lt;/h1&gt;\n{{#details}}\n    &lt;p&gt;\n      {{{p}}}\n    &lt;/p&gt;\n{{/details}}\n  &lt;/body&gt;\n&lt;/html&gt;\n";
+      window.KIWIX_RESPONSE_DATA = { "CSS_URL" : "/css/error.css", "PAGE_HEADING" : { "msgid" : "404-page-heading", "params" : { } }, "PAGE_TITLE" : { "msgid" : "404-page-title", "params" : { } }, "details" : [ { "p" : { "msgid" : "suggest-search", "params" : { "PATTERN" : "asdf", "SEARCH_URL" : "/search?q=asdf" } } } ] };
     </script>
   </head>
   <body>