title |
linkTitle |
description |
categories |
keywords |
menu |
function |
relatedFunctions |
aliases |
safe.JS |
safeJS |
Declares the provided string as a known safe JavaScript string. |
|
|
|
aliases |
returnType |
signatures |
|
template.JS |
|
|
safe.CSS |
safe.HTML |
safe.HTMLAttr |
safe.JS |
safe.JSStr |
safe.URL |
|
|
In this context, safe means the string encapsulates a known safe EcmaScript5 Expression (e.g., (x + y * z())
).
Template authors are responsible for ensuring that typed expressions do not break the intended precedence and that there is no statement/expression ambiguity as when passing an expression like { foo:bar() }\n['foo']()
, which is both a valid expression and a valid program with a very different meaning.
Example: Given hash = "619c16f"
defined in the front matter of your .md
file:
<script>var form_{{ .Params.hash | safeJS }};…</script>
→ <script>var form_619c16f;…</script>
<script>var form_{{ .Params.hash }};…</script>
→ <script>var form_"619c16f";…</script>