phoenix/hugo
1
0
Fork 0
mirror of https://github.com/gohugoio/hugo.git synced 2024-07-19 15:19:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
hugo/content/functions/safeHTML.md
Bjørn Erik Pedersen 2c0d1ccdcd Squashed 'docs/' changes from b0470688..73f355ce 
73f355ce Update theme
83ff50c2 Use example.com in examples
71292134 Add alias news > release-notes
2e15f642 Update theme
8eef09d2 Add Pygments configuration
572b9e75 Clean up the code shortcode use
a1b2fd3b Remove the code fence language codes
1473b1d9 Remove redundant text
b92c2042 Update theme
8f439c28 Edit contributing section in README
8bcf8a19 Add contributing section to README
4c44ee1c Fix broken content file
2bdc7710 Clarify .Data.Pages sorting in lists.md
092271c2 Use infinitive mood for main titles
b9b8abef Update theme to reflect change to home page content
b897b71b Change copy to use sentence case
fd675ee5 Enable RSS feed for sections
060a5e27 Correct movie title in taxonomies.md
6a5ca96a Update displayed site name for Hub
22f4b7a4 Add example of starting up the local server
d9612cb3 Update theme
a8c3988a Update theme
4198189d Update theme
12d6b016 Update theme
2b1c4197 Update theme
b6d90a1e Fix News release titles
cfe751db Add some build info to README

git-subtree-dir: docs
git-subtree-split: 73f355ce0dd88d032062ea70067431ab980cdd8d
2017-07-21 11:00:08 +02:00

1.2 KiB
Raw Blame History

title description godocref date publishdate lastmod categories menu signature workson hugoversion relatedfuncs deprecated
safeHTML Declares a provided string as a "safe" HTML document to avoid escaping by Go templates. https://golang.org/src/html/template/content.go?s=1374:1385#L25 2017-02-01 2017-02-01 2017-02-01
functions
docs
parent
functions
safeHTML INPUT
false

It should not be used for HTML from a third-party, or HTML with unclosed tags or comments.

Given a site-wide config.toml with the following copyright value:

copyright = "© 2015 Jane Doe.  <a href=\"http://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>."

{{ .Site.Copyright | safeHTML }} in a template would then output:

© 2015 Jane Doe.  <a href="http://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.

However, without the safeHTML function, html/template assumes .Site.Copyright to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:

<p>© 2015 Jane Doe.  &lt;a href=&#34;http://creativecommons.org/licenses by/4.0/&#34;&gt;Some rights reserved&lt;/a&gt;.</p>