From c21e2b3b4d759bc84ba080bc35059bb51eb34144 Mon Sep 17 00:00:00 2001
From: marco <marco@webguerilla.net>
Date: Wed, 22 Jun 2016 13:21:04 +0200
Subject: [PATCH] tpl: Enable safeHTMLAttr

See #2234 and #347
---
 docs/content/templates/functions.md | 3 ---
 tpl/template_funcs.go               | 4 +---
 2 files changed, 1 insertion(+), 6 deletions(-)

diff --git a/docs/content/templates/functions.md b/docs/content/templates/functions.md
index 7b6e0a3ee..84767b224 100644
--- a/docs/content/templates/functions.md
+++ b/docs/content/templates/functions.md
@@ -546,7 +546,6 @@ rendering the whole string as plain-text like this:
 <p>© 2015 Jane Doe.  &lt;a href=&#34;http://creativecommons.org/licenses/by/4.0/&#34;&gt;Some rights reserved&lt;/a&gt;.</p>
 </blockquote>
 
-<!--
 ### safeHTMLAttr
 Declares the provided string as a "safe" HTML attribute
 from a trusted source, for example, ` dir="ltr"`,
@@ -560,8 +559,6 @@ Example: Given a site-wide `config.toml` that contains this menu entry:
 
 * `<a href="{{ .URL }}">` ⇒ `<a href="#ZgotmplZ">` (Bad!)
 * `<a {{ printf "href=%q" .URL | safeHTMLAttr }}>` ⇒ `<a href="irc://irc.freenode.net/#golang">` (Good!)
--->
-
 
 ### safeCSS
 Declares the provided string as a known "safe" CSS string
diff --git a/tpl/template_funcs.go b/tpl/template_funcs.go
index 80ecdfe0c..db785cbc0 100644
--- a/tpl/template_funcs.go
+++ b/tpl/template_funcs.go
@@ -1576,9 +1576,6 @@ func readDirFromWorkingDir(i interface{}) ([]os.FileInfo, error) {
 }
 
 // safeHTMLAttr returns a given string as html/template HTMLAttr content.
-//
-// safeHTMLAttr is currently disabled, pending further discussion
-// on its use case.  2015-01-19
 func safeHTMLAttr(a interface{}) template.HTMLAttr {
 	return template.HTMLAttr(cast.ToString(a))
 }
@@ -1806,6 +1803,7 @@ func init() {
 		"replaceRE":    replaceRE,
 		"safeCSS":      safeCSS,
 		"safeHTML":     safeHTML,
+		"safeHTMLAttr": safeHTMLAttr,
 		"safeJS":       safeJS,
 		"safeURL":      safeURL,
 		"sanitizeURL":  helpers.SanitizeURL,