- use an array instead of a map for the schemes, as the overwhelming majority
of them will be either http or https, which we can place in front of the
array. This is faster than using a map.
- Simplify hasValidURIScheme by using strings.HasPrefix instead of doing
strings.IndexByte
- Simplify isBlockedResource by using a simple for loop, instead of a weird
slices.ContainsFunc+strings.Contains construct.
On my noisy system:
```
goos: linux
goarch: arm64
pkg: miniflux.app/v2/internal/reader/sanitizer
│ old.txt │ new.txt │
│ sec/op │ sec/op vs base │
Sanitize-8 22.19m ± 4% 21.97m ± 4% ~ (p=0.948 n=50)
```
This PR refactors the configuration parser, replacing the old parser implementation with a new, more structured approach that includes validation and improved organization.
Key changes:
- Complete rewrite of the configuration parser using a map-based structure with built-in validation
- Addition of comprehensive validator functions for configuration values
- Renamed numerous configuration getter methods for better consistency
- Look for JSON feeds in one pass instead of two
- Move conditions around to reduce the amount of comparisons
- Edit an existing test to exercise this commit's changes
Optimizes the filterValidXMLChars function by changing the loop variable type from int to uint to eliminate bound checks during compilation, resulting in a ~4% performance improvement.
- Changes loop variable i from int to uint to remove compiler-generated bound checks
- Adjusts type conversions accordingly to maintain correctness
```
goos: linux
goarch: arm64
pkg: miniflux.app/v2/internal/reader/parser
│ old.txt │ new.txt │
│ sec/op │ sec/op vs base │
Parse-8 40.91m ± 3% 39.30m ± 2% -3.94% (p=0.000 n=50)
```
- Implement a better/simpler polyfill for web browsers that don't supported
trusted types yet
- Use two separate policies: one to create HTML, another to create/use script
urls
- Instead of having the policy live in the top-level scope, they're now
declared at the lowest possible scope, right before they're used, making them
inaccessible outside of it. This puts their usage completely out of reach of
an attacker unable to gain some control outside of those two (small) scopes,
and thus removes the need to tighten the policies.
- Remove the now-unused tt.js file
This has been tested on Firefox (doesn't support trusted types) and on Chromium
(does support trusted types).
Replaces usage of the word "bookmark" with "star"/"starred" in order to be more
consistent with the UI and database models, and to reduce confusion with
"bookmarklet" and integration features.
This is in preparation of future work on read-it-later features.
Which are also not called "bookmarks" to prevent any further confusion.
https://github.com/orgs/miniflux/discussions/3719
Related-to: https://github.com/miniflux/v2/pull/2219
In general, duration is used as time unit representation.
At some places when int is returned, there's no documentation which unit is used.
So just convert to time.Duration ASAP.
- b.body can never be of type error, so let's remove it from the switch-case
construct.
- there is no need to use defer when the only return statement is two lines
after.
