[performance] http response encoding / writing improvements (#2374)

internal/api/activitypub/emoji/emojiget.go

@@ -18,7 +18,6 @@
 package emoji
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -36,7 +35,7 @@ func (m *Module) EmojiGetHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
@@ -48,11 +47,12 @@ func (m *Module) EmojiGetHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	// Encode JSON HTTP response.
-	if err != nil {
+	apiutil.EncodeJSONResponse(
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
+		c.Writer,
-		return
+		c.Request,
-	}
+		http.StatusOK,
-
+		contentType,
-	c.Data(http.StatusOK, format, b)
+		resp,
+	)
 }

internal/api/activitypub/publickey/publickeyget.go

@@ -18,7 +18,6 @@
 package publickey
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -42,13 +41,13 @@ func (m *Module) PublicKeyGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// redirect to the user's profile
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
 		return
@@ -60,11 +59,12 @@ func (m *Module) PublicKeyGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	// Encode JSON HTTP response.
-	if err != nil {
+	apiutil.EncodeJSONResponse(
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
+		c.Writer,
-		return
+		c.Request,
-	}
+		http.StatusOK,
-
+		contentType,
-	c.Data(http.StatusOK, format, b)
+		resp,
+	)
 }

internal/api/activitypub/users/featured.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -67,13 +66,13 @@ func (m *Module) FeaturedCollectionGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// This isn't an ActivityPub request;
 		// redirect to the user's profile.
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
@@ -86,11 +85,5 @@ func (m *Module) FeaturedCollectionGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/followers.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -39,13 +38,13 @@ func (m *Module) FollowersGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// This isn't an ActivityPub request;
 		// redirect to the user's profile.
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
@@ -68,11 +67,5 @@ func (m *Module) FollowersGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/following.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -39,13 +38,13 @@ func (m *Module) FollowingGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// This isn't an ActivityPub request;
 		// redirect to the user's profile.
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
@@ -68,11 +67,5 @@ func (m *Module) FollowingGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/inboxpost.go

@@ -47,6 +47,5 @@ func (m *Module) InboxPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	// Inbox POST body was Accepted for processing.
+	apiutil.Data(c, http.StatusAccepted, apiutil.AppJSON, apiutil.StatusAcceptedJSON)
-	c.JSON(http.StatusAccepted, gin.H{"status": http.StatusText(http.StatusAccepted)})
 }

internal/api/activitypub/users/outboxget.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
@@ -93,13 +92,13 @@ func (m *Module) OutboxGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// This isn't an ActivityPub request;
 		// redirect to the user's profile.
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
@@ -135,11 +134,5 @@ func (m *Module) OutboxGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/outboxget_test.go

@@ -209,7 +209,7 @@ func (suite *OutboxGetTestSuite) TestGetOutboxNextPage() {
 	suite.NoError(err)
 	suite.Equal(`{
   "@context": "https://www.w3.org/ns/activitystreams",
-  "id": "http://localhost:8080/users/the_mighty_zork/outbox?page=true\u0026maxID=01F8MHAMCHF6Y650WCRSCP4WMY",
+  "id": "http://localhost:8080/users/the_mighty_zork/outbox?page=true&maxID=01F8MHAMCHF6Y650WCRSCP4WMY",
   "orderedItems": [],
   "partOf": "http://localhost:8080/users/the_mighty_zork/outbox",
   "type": "OrderedCollectionPage"

internal/api/activitypub/users/repliesget.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -107,13 +106,13 @@ func (m *Module) StatusRepliesGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// redirect to the status
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername+"/statuses/"+requestedStatusID)
 		return
@@ -161,12 +160,5 @@ func (m *Module) StatusRepliesGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		errWithCode := gtserror.NewErrorInternalError(err)
-		apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/repliesget_test.go

@@ -266,11 +266,16 @@ func toJSON(a any) string {
 		}
 		a = m
 	}
-	b, err := json.MarshalIndent(a, "", "  ")
+	var dst bytes.Buffer
+	enc := json.NewEncoder(&dst)
+	enc.SetIndent("", "  ")
+	enc.SetEscapeHTML(false)
+	err := enc.Encode(a)
 	if err != nil {
 		panic(err)
 	}
-	return string(b)
+	dst.Truncate(dst.Len() - 1) // drop new-line
+	return dst.String()
 }
 
 // indentJSON will return indented JSON from raw provided JSON.

internal/api/activitypub/users/statusget.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -46,13 +45,13 @@ func (m *Module) StatusGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// redirect to the status
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername+"/statuses/"+requestedStatusID)
 		return
@@ -64,11 +63,5 @@ func (m *Module) StatusGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/activitypub/users/userget.go

@@ -18,7 +18,6 @@
 package users
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"strings"
@@ -46,13 +45,13 @@ func (m *Module) UsersGETHandler(c *gin.Context) {
 		return
 	}
 
-	format, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
+	contentType, err := apiutil.NegotiateAccept(c, apiutil.ActivityPubOrHTMLHeaders...)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
 	}
 
-	if format == string(apiutil.TextHTML) {
+	if contentType == string(apiutil.TextHTML) {
 		// redirect to the user's profile
 		c.Redirect(http.StatusSeeOther, "/@"+requestedUsername)
 		return
@@ -64,11 +63,5 @@ func (m *Module) UsersGETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(resp)
+	apiutil.JSONType(c, http.StatusOK, contentType, resp)
-	if err != nil {
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
-		return
-	}
-
-	c.Data(http.StatusOK, format, b)
 }

internal/api/auth/token.go

@@ -110,5 +110,11 @@ func (m *Module) TokenPOSTHandler(c *gin.Context) {
 
 	c.Header("Cache-Control", "no-store")
 	c.Header("Pragma", "no-cache")
-	c.JSON(http.StatusOK, token)
+	apiutil.EncodeJSONResponse(
+		c.Writer,
+		c.Request,
+		http.StatusOK,
+		apiutil.AppJSON,
+		token,
+	)
 }

internal/api/client/accounts/accountcreate.go

@@ -107,7 +107,7 @@ func (m *Module) AccountCreatePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, ti)
+	apiutil.JSON(c, http.StatusOK, ti)
 }
 
 // validateNormalizeCreateAccount checks through all the necessary prerequisites for creating a new account,

internal/api/client/accounts/accountdelete.go

@@ -96,5 +96,7 @@ func (m *Module) AccountDeletePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusAccepted, gin.H{"message": "accepted"})
+	apiutil.JSON(c, http.StatusAccepted, map[string]string{
+		"message": "accepted",
+	})
 }

internal/api/client/accounts/accountget.go

@@ -90,5 +90,5 @@ func (m *Module) AccountGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, acctInfo)
+	apiutil.JSON(c, http.StatusOK, acctInfo)
 }

internal/api/client/accounts/accountupdate.go

@@ -170,7 +170,7 @@ func (m *Module) AccountUpdateCredentialsPATCHHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, acctSensitive)
+	apiutil.JSON(c, http.StatusOK, acctSensitive)
 }
 
 // fieldsAttributesFormBinding satisfies gin's binding.Binding interface.

internal/api/client/accounts/accountverify.go

@@ -73,5 +73,5 @@ func (m *Module) AccountVerifyGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, acctSensitive)
+	apiutil.JSON(c, http.StatusOK, acctSensitive)
 }

internal/api/client/accounts/block.go

@@ -90,5 +90,5 @@ func (m *Module) AccountBlockPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/accounts/follow.go

@@ -122,5 +122,5 @@ func (m *Module) AccountFollowPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/accounts/followers.go

@@ -151,5 +151,5 @@ func (m *Module) AccountFollowersGETHandler(c *gin.Context) {
 		c.Header("Link", resp.LinkHeader)
 	}
 
-	c.JSON(http.StatusOK, resp.Items)
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/accounts/following.go

@@ -151,5 +151,5 @@ func (m *Module) AccountFollowingGETHandler(c *gin.Context) {
 		c.Header("Link", resp.LinkHeader)
 	}
 
-	c.JSON(http.StatusOK, resp.Items)
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/accounts/lists.go

@@ -93,5 +93,5 @@ func (m *Module) AccountListsGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, lists)
+	apiutil.JSON(c, http.StatusOK, lists)
 }

internal/api/client/accounts/lookup.go

@@ -89,5 +89,5 @@ func (m *Module) AccountLookupGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, account)
+	apiutil.JSON(c, http.StatusOK, account)
 }

internal/api/client/accounts/note.go

@@ -104,5 +104,5 @@ func (m *Module) AccountNotePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/accounts/relationships.go

@@ -106,5 +106,5 @@ func (m *Module) AccountRelationshipsGETHandler(c *gin.Context) {
 		relationships = append(relationships, *r)
 	}
 
-	c.JSON(http.StatusOK, relationships)
+	apiutil.JSON(c, http.StatusOK, relationships)
 }

internal/api/client/accounts/search.go

@@ -162,5 +162,5 @@ func (m *Module) AccountSearchGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, results)
+	apiutil.JSON(c, http.StatusOK, results)
 }

internal/api/client/accounts/statuses.go

@@ -241,5 +241,6 @@ func (m *Module) AccountStatusesGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/accounts/unblock.go

@@ -91,5 +91,6 @@ func (m *Module) AccountUnblockPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
+
 }

internal/api/client/accounts/unfollow.go

@@ -91,5 +91,5 @@ func (m *Module) AccountUnfollowPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/admin/accountaction.go

@@ -124,5 +124,7 @@ func (m *Module) AccountActionPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{"message": "OK"})
+	apiutil.JSON(c, http.StatusOK, map[string]string{
+		"message": "OK",
+	})
 }

internal/api/client/admin/domainkeysexpire.go

@@ -132,7 +132,9 @@ func (m *Module) DomainKeysExpirePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusAccepted, &apimodel.AdminActionResponse{ActionID: actionID})
+	apiutil.JSON(c, http.StatusOK, &apimodel.AdminActionResponse{
+		ActionID: actionID,
+	})
 }
 
 func validateDomainKeysExpire(form *apimodel.DomainKeysExpireRequest) error {

internal/api/client/admin/domainpermission.go

@@ -122,7 +122,7 @@ func (m *Module) createDomainPermissions(
 			return
 		}
 
-		c.JSON(http.StatusOK, domainBlock)
+		apiutil.JSON(c, http.StatusOK, domainBlock)
 		return
 	}
 
@@ -158,7 +158,7 @@ func (m *Module) createDomainPermissions(
 		domainPerms = append(domainPerms, entry.Resource)
 	}
 
-	c.JSON(http.StatusOK, domainPerms)
+	apiutil.JSON(c, http.StatusOK, domainPerms)
 }
 
 // deleteDomainPermission deletes a single domain permission (block or allow).
@@ -200,7 +200,7 @@ func (m *Module) deleteDomainPermission(
 		return
 	}
 
-	c.JSON(http.StatusOK, domainPerm)
+	apiutil.JSON(c, http.StatusOK, domainPerm)
 }
 
 // getDomainPermission gets a single domain permission (block or allow).
@@ -248,7 +248,7 @@ func (m *Module) getDomainPermission(
 		return
 	}
 
-	c.JSON(http.StatusOK, domainPerm)
+	apiutil.JSON(c, http.StatusOK, domainPerm)
 }
 
 // getDomainPermissions gets all domain permissions of the given type (block, allow).
@@ -290,5 +290,5 @@ func (m *Module) getDomainPermissions(
 		return
 	}
 
-	c.JSON(http.StatusOK, domainPerm)
+	apiutil.JSON(c, http.StatusOK, domainPerm)
 }

internal/api/client/admin/emailtest.go

@@ -116,5 +116,7 @@ func (m *Module) EmailTestPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusAccepted, gin.H{"status": "test email sent"})
+	apiutil.JSON(c, http.StatusAccepted, map[string]string{
+		"status": "test email sent",
+	})
 }

internal/api/client/admin/emojicategoriesget.go

@@ -89,5 +89,5 @@ func (m *Module) EmojiCategoriesGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, categories)
+	apiutil.JSON(c, http.StatusOK, categories)
 }

internal/api/client/admin/emojicreate.go

@@ -131,7 +131,7 @@ func (m *Module) EmojiCreatePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiEmoji)
+	apiutil.JSON(c, http.StatusOK, apiEmoji)
 }
 
 func validateCreateEmoji(form *apimodel.EmojiCreateRequest) error {

internal/api/client/admin/emojidelete.go

@@ -105,5 +105,5 @@ func (m *Module) EmojiDELETEHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, emoji)
+	apiutil.JSON(c, http.StatusOK, emoji)
 }

internal/api/client/admin/emojiget.go

@@ -95,5 +95,5 @@ func (m *Module) EmojiGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, emoji)
+	apiutil.JSON(c, http.StatusOK, emoji)
 }

internal/api/client/admin/emojisget.go

@@ -206,5 +206,6 @@ func (m *Module) EmojisGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/admin/emojiupdate.go

@@ -161,7 +161,7 @@ func (m *Module) EmojiPATCHHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, emoji)
+	apiutil.JSON(c, http.StatusOK, emoji)
 }
 
 // do a first pass on the form here

internal/api/client/admin/mediacleanup.go

@@ -102,5 +102,5 @@ func (m *Module) MediaCleanupPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, remoteCacheDays)
+	apiutil.JSON(c, http.StatusOK, remoteCacheDays)
 }

internal/api/client/admin/mediarefetch.go

@@ -88,5 +88,5 @@ func (m *Module) MediaRefetchPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.Status(http.StatusAccepted)
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.StatusAcceptedJSON)
 }

internal/api/client/admin/reportget.go

@@ -98,5 +98,5 @@ func (m *Module) ReportGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, report)
+	apiutil.JSON(c, http.StatusOK, report)
 }

internal/api/client/admin/reportresolve.go

@@ -120,5 +120,5 @@ func (m *Module) ReportResolvePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, report)
+	apiutil.JSON(c, http.StatusOK, report)
 }

internal/api/client/admin/reportsget.go

@@ -176,5 +176,6 @@ func (m *Module) ReportsGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/admin/rulecreate.go

@@ -108,7 +108,7 @@ func (m *Module) RulePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiRule)
+	apiutil.JSON(c, http.StatusOK, apiRule)
 }
 
 func validateCreateRule(form *apimodel.InstanceRuleCreateRequest) error {

internal/api/client/admin/ruledelete.go

@@ -103,5 +103,5 @@ func (m *Module) RuleDELETEHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiRule)
+	apiutil.JSON(c, http.StatusOK, apiRule)
 }

internal/api/client/admin/ruleget.go

@@ -98,5 +98,5 @@ func (m *Module) RuleGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, rule)
+	apiutil.JSON(c, http.StatusOK, rule)
 }

internal/api/client/admin/rulesget.go

@@ -87,5 +87,5 @@ func (m *Module) RulesGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, resp)
+	apiutil.JSON(c, http.StatusOK, resp)
 }

internal/api/client/admin/ruleupdate.go

@@ -123,5 +123,5 @@ func (m *Module) RulePATCHHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiRule)
+	apiutil.JSON(c, http.StatusOK, apiRule)
 }

internal/api/client/apps/appcreate.go

@@ -121,5 +121,5 @@ func (m *Module) AppsPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiApp)
+	apiutil.JSON(c, http.StatusOK, apiApp)
 }

internal/api/client/blocks/blocksget.go

@@ -142,5 +142,5 @@ func (m *Module) BlocksGETHandler(c *gin.Context) {
 		c.Header("Link", resp.LinkHeader)
 	}
 
-	c.JSON(http.StatusOK, resp.Items)
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/bookmarks/bookmarksget.go

@@ -120,5 +120,6 @@ func (m *Module) BookmarksGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/customemojis/customemojisget.go

@@ -71,5 +71,5 @@ func (m *Module) CustomEmojisGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, emojis)
+	apiutil.JSON(c, http.StatusOK, emojis)
 }

internal/api/client/favourites/favouritesget.go

@@ -137,5 +137,6 @@ func (m *Module) FavouritesGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/featuredtags/get.go

@@ -71,5 +71,5 @@ func (m *Module) FeaturedTagsGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, []interface{}{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONArray)
 }

internal/api/client/filters/filtersget.go

@@ -38,5 +38,5 @@ func (m *Module) FiltersGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, []string{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONArray)
 }

internal/api/client/followrequests/authorize.go

@@ -93,5 +93,5 @@ func (m *Module) FollowRequestAuthorizePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/followrequests/get.go

@@ -139,5 +139,5 @@ func (m *Module) FollowRequestGETHandler(c *gin.Context) {
 		c.Header("Link", resp.LinkHeader)
 	}
 
-	c.JSON(http.StatusOK, resp.Items)
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/followrequests/reject.go

@@ -91,5 +91,5 @@ func (m *Module) FollowRequestRejectPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, relationship)
+	apiutil.JSON(c, http.StatusOK, relationship)
 }

internal/api/client/instance/instanceget.go

@@ -58,7 +58,7 @@ func (m *Module) InstanceInformationGETHandlerV1(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, instance)
+	apiutil.JSON(c, http.StatusOK, instance)
 }
 
 // InstanceInformationGETHandlerV2 swagger:operation GET /api/v2/instance instanceGetV2
@@ -93,5 +93,5 @@ func (m *Module) InstanceInformationGETHandlerV2(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, instance)
+	apiutil.JSON(c, http.StatusOK, instance)
 }

internal/api/client/instance/instancepatch.go

@@ -161,7 +161,7 @@ func (m *Module) InstanceUpdatePATCHHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, i)
+	apiutil.JSON(c, http.StatusOK, i)
 }
 
 func validateInstanceUpdate(form *apimodel.InstanceSettingsUpdateRequest) error {

internal/api/client/instance/instancepatch_test.go

@@ -78,8 +78,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch1() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "Example Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "short_description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
   "email": "someone@example.org",
   "version": "0.0.0-testrig",
   "languages": [
@@ -195,8 +195,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch2() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "Geoff's Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "short_description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
   "email": "admin@example.org",
   "version": "0.0.0-testrig",
   "languages": [
@@ -312,8 +312,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch3() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "GoToSocial Testrig Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is some html, which is \u003cem\u003eallowed\u003c/em\u003e in short descriptions.\u003c/p\u003e",
+  "short_description": "<p>This is some html, which is <em>allowed</em> in short descriptions.</p>",
   "email": "admin@example.org",
   "version": "0.0.0-testrig",
   "languages": [
@@ -480,8 +480,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch6() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "GoToSocial Testrig Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "short_description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
   "email": "",
   "version": "0.0.0-testrig",
   "languages": [
@@ -619,8 +619,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch8() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "GoToSocial Testrig Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "short_description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
   "email": "admin@example.org",
   "version": "0.0.0-testrig",
   "languages": [
@@ -773,8 +773,8 @@ func (suite *InstancePatchTestSuite) TestInstancePatch9() {
   "uri": "http://localhost:8080",
   "account_domain": "localhost:8080",
   "title": "GoToSocial Testrig Instance",
-  "description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
-  "short_description": "\u003cp\u003eThis is the GoToSocial testrig. It doesn't federate or anything.\u003c/p\u003e\u003cp\u003eWhen the testrig is shut down, all data on it will be deleted.\u003c/p\u003e\u003cp\u003eDon't use this in production!\u003c/p\u003e",
+  "short_description": "<p>This is the GoToSocial testrig. It doesn't federate or anything.</p><p>When the testrig is shut down, all data on it will be deleted.</p><p>Don't use this in production!</p>",
   "email": "admin@example.org",
   "version": "0.0.0-testrig",
   "languages": [

internal/api/client/instance/instancepeersget.go

@@ -156,5 +156,5 @@ func (m *Module) InstancePeersGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, data)
+	apiutil.JSON(c, http.StatusOK, data)
 }

internal/api/client/instance/instancerulesget.go

@@ -67,5 +67,5 @@ func (m *Module) InstanceRulesGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, resp)
+	apiutil.JSON(c, http.StatusOK, resp)
 }

internal/api/client/lists/listaccounts.go

@@ -174,5 +174,6 @@ func (m *Module) ListAccountsGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/lists/listaccountsadd.go

@@ -116,5 +116,5 @@ func (m *Module) ListAccountsPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONObject)
 }

internal/api/client/lists/listaccountsremove.go

@@ -126,5 +126,5 @@ func (m *Module) ListAccountsDELETEHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONObject)
 }

internal/api/client/lists/listcreate.go

@@ -102,5 +102,5 @@ func (m *Module) ListCreatePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiList)
+	apiutil.JSON(c, http.StatusOK, apiList)
 }

internal/api/client/lists/listdelete.go

@@ -87,5 +87,5 @@ func (m *Module) ListDELETEHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONObject)
 }

internal/api/client/lists/listget.go

@@ -91,5 +91,5 @@ func (m *Module) ListGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, resp)
+	apiutil.JSON(c, http.StatusOK, resp)
 }

internal/api/client/lists/listsget.go

@@ -77,5 +77,5 @@ func (m *Module) ListsGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, lists)
+	apiutil.JSON(c, http.StatusOK, lists)
 }

internal/api/client/lists/listupdate.go

@@ -148,5 +148,5 @@ func (m *Module) ListUpdatePUTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiList)
+	apiutil.JSON(c, http.StatusOK, apiList)
 }

internal/api/client/markers/markersget.go

@@ -84,7 +84,7 @@ func (m *Module) MarkersGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, marker)
+	apiutil.JSON(c, http.StatusOK, marker)
 }
 
 // parseMarkerNames turns a list of strings into a set of valid marker timeline names, or returns an error.

internal/api/client/markers/markerspost.go

@@ -106,5 +106,5 @@ func (m *Module) MarkersPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, marker)
+	apiutil.JSON(c, http.StatusOK, marker)
 }

internal/api/client/media/mediacreate.go

@@ -139,7 +139,7 @@ func (m *Module) MediaCreatePOSTHandler(c *gin.Context) {
 		apiAttachment.URL = nil
 	}
 
-	c.JSON(http.StatusOK, apiAttachment)
+	apiutil.JSON(c, http.StatusOK, apiAttachment)
 }
 
 func validateCreateMedia(form *apimodel.AttachmentRequest) error {

internal/api/client/media/mediaget.go

@@ -98,5 +98,5 @@ func (m *Module) MediaGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, attachment)
+	apiutil.JSON(c, http.StatusOK, attachment)
 }

internal/api/client/media/mediaupdate.go

@@ -141,7 +141,7 @@ func (m *Module) MediaPUTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, attachment)
+	apiutil.JSON(c, http.StatusOK, attachment)
 }
 
 func validateUpdateMedia(form *apimodel.AttachmentUpdateRequest) error {

internal/api/client/notifications/notificationget.go

@@ -83,5 +83,5 @@ func (m *Module) NotificationGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, resp)
+	apiutil.JSON(c, http.StatusOK, resp)
 }

internal/api/client/notifications/notificationsclear.go

@@ -75,5 +75,5 @@ func (m *Module) NotificationsClearPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, struct{}{})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.EmptyJSONObject)
 }

internal/api/client/notifications/notificationsget.go

@@ -155,5 +155,6 @@ func (m *Module) NotificationsGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/polls/polls_get.go

@@ -96,5 +96,5 @@ func (m *Module) PollGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, poll)
+	apiutil.JSON(c, http.StatusOK, poll)
 }

internal/api/client/polls/polls_vote.go

@@ -117,7 +117,7 @@ func (m *Module) PollVotePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, poll)
+	apiutil.JSON(c, http.StatusOK, poll)
 }
 
 func bindChoices(c *gin.Context) ([]int, error) {

internal/api/client/preferences/preferencesget.go

@@ -87,5 +87,6 @@ func (m *Module) PreferencesGETHandler(c *gin.Context) {
 		apiutil.ErrorHandler(c, errWithCode, m.processor.InstanceGetV1)
 		return
 	}
-	c.JSON(http.StatusOK, resp)
+
+	apiutil.JSON(c, http.StatusOK, resp)
 }

internal/api/client/reports/reportcreate.go

@@ -107,5 +107,5 @@ func (m *Module) ReportPOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, apiReport)
+	apiutil.JSON(c, http.StatusOK, apiReport)
 }

internal/api/client/reports/reportget.go

@@ -90,5 +90,5 @@ func (m *Module) ReportGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, report)
+	apiutil.JSON(c, http.StatusOK, report)
 }

internal/api/client/reports/reportsget.go

@@ -168,5 +168,6 @@ func (m *Module) ReportsGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/search/searchget.go

@@ -235,5 +235,5 @@ func (m *Module) SearchGETHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, results)
+	apiutil.JSON(c, http.StatusOK, results)
 }

internal/api/client/timelines/home.go

@@ -147,5 +147,6 @@ func (m *Module) HomeTimelineGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/timelines/list.go

@@ -145,5 +145,6 @@ func (m *Module) ListTimelineGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/timelines/public.go

@@ -158,5 +158,6 @@ func (m *Module) PublicTimelineGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/timelines/tag.go

@@ -142,5 +142,6 @@ func (m *Module) TagTimelineGETHandler(c *gin.Context) {
 	if resp.LinkHeader != "" {
 		c.Header("Link", resp.LinkHeader)
 	}
-	c.JSON(http.StatusOK, resp.Items)
+
+	apiutil.JSON(c, http.StatusOK, resp.Items)
 }

internal/api/client/user/passwordchange.go

@@ -99,5 +99,5 @@ func (m *Module) PasswordChangePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{"status": "OK"})
+	apiutil.Data(c, http.StatusOK, apiutil.AppJSON, apiutil.StatusOKJSON)
 }

internal/api/fileserver/servefile.go

@@ -91,9 +91,8 @@ func (m *Module) ServeFile(c *gin.Context) {
 	}
 
 	if content.URL != nil {
-		// This is a non-local, non-proxied S3 file we're redirecting to.
+		// This is a non-local, non-proxied S3 file we're redirecting to. Derive
-		// Derive the max-age value from how long the link has left until
+		// the max-age value from how long the link has left until it expires.
-		// it expires.
 		maxAge := int(time.Until(content.URL.Expiry).Seconds())
 		c.Header("Cache-Control", "private, max-age="+strconv.Itoa(maxAge)+", immutable")
 		c.Redirect(http.StatusFound, content.URL.String())
@@ -110,7 +109,7 @@ func (m *Module) ServeFile(c *gin.Context) {
 	// TODO: if the requester only accepts text/html we should try to serve them *something*.
 	// This is mostly needed because when sharing a link to a gts-hosted file on something like mastodon, the masto servers will
 	// attempt to look up the content to provide a preview of the link, and they ask for text/html.
-	format, err := apiutil.NegotiateAccept(c, apiutil.MIME(content.ContentType))
+	contentType, err := apiutil.NegotiateAccept(c, content.ContentType)
 	if err != nil {
 		apiutil.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGetV1)
 		return
@@ -118,7 +117,7 @@ func (m *Module) ServeFile(c *gin.Context) {
 
 	// if this is a head request, just return info + throw the reader away
 	if c.Request.Method == http.MethodHead {
-		c.Header("Content-Type", format)
+		c.Header("Content-Type", contentType)
 		c.Header("Content-Length", strconv.FormatInt(content.ContentLength, 10))
 		c.Status(http.StatusOK)
 		return
@@ -128,12 +127,12 @@ func (m *Module) ServeFile(c *gin.Context) {
 	rng := c.GetHeader("Range")
 	if rng == "" {
 		// This is a simple query for the whole file, so do a read from whole reader.
-		c.DataFromReader(http.StatusOK, content.ContentLength, format, content.Content, nil)
+		c.DataFromReader(http.StatusOK, content.ContentLength, contentType, content.Content, nil)
 		return
 	}
 
 	// Set known content-type and serve range.
-	c.Header("Content-Type", format)
+	c.Header("Content-Type", contentType)
 	serveFileRange(
 		c.Writer,
 		c.Request,

internal/api/nodeinfo/nodeinfoget.go

@@ -18,7 +18,6 @@
 package nodeinfo
 
 import (
-	"encoding/json"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
@@ -55,11 +54,12 @@ func (m *Module) NodeInfo2GETHandler(c *gin.Context) {
 		return
 	}
 
-	b, err := json.Marshal(nodeInfo)
+	// Encode JSON HTTP response.
-	if err != nil {
+	apiutil.EncodeJSONResponse(
-		apiutil.ErrorHandler(c, gtserror.NewErrorInternalError(err), m.processor.InstanceGetV1)
+		c.Writer,
-		return
+		c.Request,
-	}
+		http.StatusOK,
-
+		NodeInfo2ContentType,
-	c.Data(http.StatusOK, NodeInfo2ContentType, b)
+		nodeInfo,
+	)
 }

internal/api/util/errorhandling.go

@@ -55,7 +55,9 @@ func NotFoundHandler(c *gin.Context, instanceGet func(ctx context.Context) (*api
 			"requestID": gtscontext.RequestID(ctx),
 		})
 	default:
-		c.JSON(http.StatusNotFound, gin.H{"error": errWithCode.Safe()})
+		JSON(c, http.StatusNotFound, map[string]string{
+			"error": errWithCode.Safe(),
+		})
 	}
 }
 
@@ -78,7 +80,9 @@ func genericErrorHandler(c *gin.Context, instanceGet func(ctx context.Context) (
 			"requestID": gtscontext.RequestID(ctx),
 		})
 	default:
-		c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
+		JSON(c, errWithCode.Code(), map[string]string{
+			"error": errWithCode.Safe(),
+		})
 	}
 }
 
@@ -102,7 +106,7 @@ func ErrorHandler(
 	c *gin.Context,
 	errWithCode gtserror.WithCode,
 	instanceGet func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode),
-	offers ...MIME,
+	offers ...string,
 ) {
 	if ctxErr := c.Request.Context().Err(); ctxErr != nil {
 		// Context error means either client has left already,
@@ -175,7 +179,7 @@ func OAuthErrorHandler(c *gin.Context, errWithCode gtserror.WithCode) {
 		l.Debug("handling OAuth error")
 	}
 
-	c.JSON(statusCode, gin.H{
+	JSON(c, statusCode, map[string]string{
 		"error":             errWithCode.Error(),
 		"error_description": errWithCode.Safe(),
 	})

internal/api/util/mime.go

@@ -17,20 +17,18 @@
 
 package util
 
-// MIME represents a mime-type.
-type MIME string
-
 const (
-	AppJSON           MIME = `application/json`
+	// Possible GoToSocial mimetypes.
-	AppXML            MIME = `application/xml`
+	AppJSON           = `application/json`
-	AppXMLXRD         MIME = `application/xrd+xml`
+	AppXML            = `application/xml`
-	AppRSSXML         MIME = `application/rss+xml`
+	AppXMLXRD         = `application/xrd+xml`
-	AppActivityJSON   MIME = `application/activity+json`
+	AppRSSXML         = `application/rss+xml`
-	AppActivityLDJSON MIME = `application/ld+json; profile="https://www.w3.org/ns/activitystreams"`
+	AppActivityJSON   = `application/activity+json`
-	AppJRDJSON        MIME = `application/jrd+json` // https://www.rfc-editor.org/rfc/rfc7033#section-10.2
+	AppActivityLDJSON = `application/ld+json; profile="https://www.w3.org/ns/activitystreams"`
-	AppForm           MIME = `application/x-www-form-urlencoded`
+	AppJRDJSON        = `application/jrd+json` // https://www.rfc-editor.org/rfc/rfc7033#section-10.2
-	MultipartForm     MIME = `multipart/form-data`
+	AppForm           = `application/x-www-form-urlencoded`
-	TextXML           MIME = `text/xml`
+	MultipartForm     = `multipart/form-data`
-	TextHTML          MIME = `text/html`
+	TextXML           = `text/xml`
-	TextCSS           MIME = `text/css`
+	TextHTML          = `text/html`
+	TextCSS           = `text/css`
 )

internal/api/util/negotiate.go

@@ -26,7 +26,7 @@ import (
 )
 
 // JSONAcceptHeaders is a slice of offers that just contains application/json types.
-var JSONAcceptHeaders = []MIME{
+var JSONAcceptHeaders = []string{
 	AppJSON,
 }
 
@@ -34,7 +34,7 @@ var JSONAcceptHeaders = []MIME{
 // jrd+json content type, but will be chill and fall back to app/json.
 // This is to be used specifically for webfinger responses.
 // See https://www.rfc-editor.org/rfc/rfc7033#section-10.2
-var WebfingerJSONAcceptHeaders = []MIME{
+var WebfingerJSONAcceptHeaders = []string{
 	AppJRDJSON,
 	AppJSON,
 }
@@ -42,13 +42,13 @@ var WebfingerJSONAcceptHeaders = []MIME{
 // JSONOrHTMLAcceptHeaders is a slice of offers that prefers AppJSON and will
 // fall back to HTML if necessary. This is useful for error handling, since it can
 // be used to serve a nice HTML page if the caller accepts that, or just JSON if not.
-var JSONOrHTMLAcceptHeaders = []MIME{
+var JSONOrHTMLAcceptHeaders = []string{
 	AppJSON,
 	TextHTML,
 }
 
 // HTMLAcceptHeaders is a slice of offers that just contains text/html types.
-var HTMLAcceptHeaders = []MIME{
+var HTMLAcceptHeaders = []string{
 	TextHTML,
 }
 
@@ -57,7 +57,7 @@ var HTMLAcceptHeaders = []MIME{
 // but which should also be able to serve ActivityPub as a fallback.
 //
 // https://www.w3.org/TR/activitypub/#retrieving-objects
-var HTMLOrActivityPubHeaders = []MIME{
+var HTMLOrActivityPubHeaders = []string{
 	TextHTML,
 	AppActivityLDJSON,
 	AppActivityJSON,
@@ -68,7 +68,7 @@ var HTMLOrActivityPubHeaders = []MIME{
 // which a user might also go to in their browser sometimes.
 //
 // https://www.w3.org/TR/activitypub/#retrieving-objects
-var ActivityPubOrHTMLHeaders = []MIME{
+var ActivityPubOrHTMLHeaders = []string{
 	AppActivityLDJSON,
 	AppActivityJSON,
 	TextHTML,
@@ -78,12 +78,12 @@ var ActivityPubOrHTMLHeaders = []MIME{
 // This is useful for URLs should only serve ActivityPub.
 //
 // https://www.w3.org/TR/activitypub/#retrieving-objects
-var ActivityPubHeaders = []MIME{
+var ActivityPubHeaders = []string{
 	AppActivityLDJSON,
 	AppActivityJSON,
 }
 
-var HostMetaHeaders = []MIME{
+var HostMetaHeaders = []string{
 	AppXMLXRD,
 	AppXML,
 }
@@ -109,7 +109,7 @@ var HostMetaHeaders = []MIME{
 // often-used Accept types.
 //
 // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation#server-driven_content_negotiation
-func NegotiateAccept(c *gin.Context, offers ...MIME) (string, error) {
+func NegotiateAccept(c *gin.Context, offers ...string) (string, error) {
 	if len(offers) == 0 {
 		return "", errors.New("no format offered")
 	}

internal/api/util/negotiate_test.go

@@ -9,7 +9,7 @@ import (
 	"github.com/gin-gonic/gin"
 )
 
-type testMIMES []MIME
+type testMIMES []string
 
 func (tm testMIMES) String(t *testing.T) string {
 	t.Helper()

internal/api/util/response.go

@@ -0,0 +1,282 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package util
+
+import (
+	"encoding/json"
+	"encoding/xml"
+	"io"
+	"net/http"
+	"strconv"
+	"sync"
+
+	"codeberg.org/gruf/go-byteutil"
+	"codeberg.org/gruf/go-fastcopy"
+	"github.com/gin-gonic/gin"
+	"github.com/superseriousbusiness/gotosocial/internal/log"
+)
+
+var (
+	// Pre-preared response body data.
+	StatusOKJSON = mustJSON(map[string]string{
+		"status": http.StatusText(http.StatusOK),
+	})
+	StatusAcceptedJSON = mustJSON(map[string]string{
+		"status": http.StatusText(http.StatusAccepted),
+	})
+	StatusInternalServerErrorJSON = mustJSON(map[string]string{
+		"status": http.StatusText(http.StatusInternalServerError),
+	})
+	EmptyJSONObject = mustJSON("{}")
+	EmptyJSONArray  = mustJSON("[]")
+
+	// write buffer pool.
+	bufPool sync.Pool
+)
+
+// JSON calls EncodeJSONResponse() using gin.Context{}, with content-type = AppJSON,
+// This function handles the case of JSON unmarshal errors and pools read buffers.
+func JSON(c *gin.Context, code int, data any) {
+	EncodeJSONResponse(c.Writer, c.Request, code, AppJSON, data)
+}
+
+// JSON calls EncodeJSONResponse() using gin.Context{}, with given content-type.
+// This function handles the case of JSON unmarshal errors and pools read buffers.
+func JSONType(c *gin.Context, code int, contentType string, data any) {
+	EncodeJSONResponse(c.Writer, c.Request, code, contentType, data)
+}
+
+// Data calls WriteResponseBytes() using gin.Context{}, with given content-type.
+func Data(c *gin.Context, code int, contentType string, data []byte) {
+	WriteResponseBytes(c.Writer, c.Request, code, contentType, data)
+}
+
+// WriteResponse buffered streams 'data' as HTTP response
+// to ResponseWriter with given status code content-type.
+func WriteResponse(
+	rw http.ResponseWriter,
+	r *http.Request,
+	statusCode int,
+	contentType string,
+	data io.Reader,
+	length int64,
+) {
+	if length < 0 {
+		// The worst-case scenario, length is not known so we need to
+		// read the entire thing into memory to know length & respond.
+		writeResponseUnknownLength(rw, r, statusCode, contentType, data)
+		return
+	}
+
+	// The best-case scenario, stream content of known length.
+	rw.Header().Set("Content-Type", contentType)
+	rw.Header().Set("Content-Length", strconv.FormatInt(length, 10))
+	rw.WriteHeader(statusCode)
+	if _, err := fastcopy.Copy(rw, data); err != nil {
+		log.Errorf(r.Context(), "error streaming: %v", err)
+	}
+}
+
+// WriteResponseBytes is functionally similar to
+// WriteResponse except that it takes prepared bytes.
+func WriteResponseBytes(
+	rw http.ResponseWriter,
+	r *http.Request,
+	statusCode int,
+	contentType string,
+	data []byte,
+) {
+	rw.Header().Set("Content-Type", contentType)
+	rw.Header().Set("Content-Length", strconv.Itoa(len(data)))
+	rw.WriteHeader(statusCode)
+	if _, err := rw.Write(data); err != nil && err != io.EOF {
+		log.Errorf(r.Context(), "error writing: %v", err)
+	}
+}
+
+// EncodeJSONResponse encodes 'data' as JSON HTTP response
+// to ResponseWriter with given status code, content-type.
+func EncodeJSONResponse(
+	rw http.ResponseWriter,
+	r *http.Request,
+	statusCode int,
+	contentType string,
+	data any,
+) {
+	// Acquire buffer.
+	buf := getBuf()
+
+	// Wrap buffer in JSON encoder.
+	enc := json.NewEncoder(buf)
+	enc.SetEscapeHTML(false)
+
+	// Encode JSON data into byte buffer.
+	if err := enc.Encode(data); err == nil {
+
+		// Drop new-line added by encoder.
+		if buf.B[len(buf.B)-1] == '\n' {
+			buf.B = buf.B[:len(buf.B)-1]
+		}
+
+		// Respond with the now-known
+		// size byte slice within buf.
+		WriteResponseBytes(rw, r,
+			statusCode,
+			contentType,
+			buf.B,
+		)
+	} else {
+		// This will always be a JSON error, we
+		// can't really add any more useful context.
+		log.Error(r.Context(), err)
+
+		// Any error returned here is unrecoverable,
+		// set Internal Server Error JSON response.
+		WriteResponseBytes(rw, r,
+			http.StatusInternalServerError,
+			AppJSON,
+			StatusInternalServerErrorJSON,
+		)
+	}
+
+	// Release.
+	putBuf(buf)
+}
+
+// EncodeJSONResponse encodes 'data' as XML HTTP response
+// to ResponseWriter with given status code, content-type.
+func EncodeXMLResponse(
+	rw http.ResponseWriter,
+	r *http.Request,
+	statusCode int,
+	contentType string,
+	data any,
+) {
+	// Acquire buffer.
+	buf := getBuf()
+
+	// Write XML header string to buf.
+	buf.B = append(buf.B, xml.Header...)
+
+	// Wrap buffer in XML encoder.
+	enc := xml.NewEncoder(buf)
+
+	// Encode JSON data into byte buffer.
+	if err := enc.Encode(data); err == nil {
+
+		// Respond with the now-known
+		// size byte slice within buf.
+		WriteResponseBytes(rw, r,
+			statusCode,
+			contentType,
+			buf.B,
+		)
+	} else {
+		// This will always be an XML error, we
+		// can't really add any more useful context.
+		log.Error(r.Context(), err)
+
+		// Any error returned here is unrecoverable,
+		// set Internal Server Error JSON response.
+		WriteResponseBytes(rw, r,
+			http.StatusInternalServerError,
+			AppJSON,
+			StatusInternalServerErrorJSON,
+		)
+	}
+
+	// Release.
+	putBuf(buf)
+}
+
+// writeResponseUnknownLength handles reading data of unknown legnth
+// efficiently into memory, and passing on to WriteResponseBytes().
+func writeResponseUnknownLength(
+	rw http.ResponseWriter,
+	r *http.Request,
+	statusCode int,
+	contentType string,
+	data io.Reader,
+) {
+	// Acquire buffer.
+	buf := getBuf()
+
+	// Read content into buffer.
+	_, err := buf.ReadFrom(data)
+
+	if err == nil {
+
+		// Respond with the now-known
+		// size byte slice within buf.
+		WriteResponseBytes(rw, r,
+			statusCode,
+			contentType,
+			buf.B,
+		)
+	} else {
+		// This will always be a reader error (non EOF),
+		// but that doesn't mean the writer is closed yet!
+		log.Errorf(r.Context(), "error reading: %v", err)
+
+		// Any error returned here is unrecoverable,
+		// set Internal Server Error JSON response.
+		WriteResponseBytes(rw, r,
+			http.StatusInternalServerError,
+			AppJSON,
+			StatusInternalServerErrorJSON,
+		)
+	}
+
+	// Release.
+	putBuf(buf)
+}
+
+func getBuf() *byteutil.Buffer {
+	// acquire buffer from pool.
+	buf, _ := bufPool.Get().(*byteutil.Buffer)
+
+	if buf == nil {
+		// alloc new buf if needed.
+		buf = new(byteutil.Buffer)
+		buf.B = make([]byte, 0, 4096)
+	}
+
+	return buf
+}
+
+func putBuf(buf *byteutil.Buffer) {
+	if cap(buf.B) >= int(^uint16(0)) {
+		// drop buffers of large size.
+		return
+	}
+
+	// ensure empty.
+	buf.Reset()
+
+	// release to pool.
+	bufPool.Put(buf)
+}
+
+// mustJSON converts data to JSON, else panicking.
+func mustJSON(data any) []byte {
+	b, err := json.Marshal(data)
+	if err != nil {
+		panic(err)
+	}
+	return b
+}