hugo/docs/content/en/functions/safe/HTML.md at 9beb61416cb51a1ff111ca52f2486210ab825f03

mirror of https://github.com/gohugoio/hugo.git synced 2024-07-05 00:32:03 +00:00

Bjørn Erik Pedersen 5fd1e74903

Merge commit '9b0050e9aabe4be65c78ccf292a348f309d50ccd' as 'docs'

```
git subtree add --prefix=docs/ https://github.com/gohugoio/hugoDocs.git master --squash
```

Closes #11925

2024-01-27 10:48:57 +01:00

1.2 KiB

Raw Blame History

title

description

categories

keywords

action

aliases

safe.HTML

Declares the given string as a safeHTML string.

aliases

returnType

signatures

safeHTML

functions/safe/CSS

functions/safe/HTMLAttr

functions/safe/JS

functions/safe/JSStr

functions/safe/URL

template.HTML

safe.HTML INPUT

/functions/safehtml

It should not be used for HTML from a third-party, or HTML with unclosed tags or comments.

Given a site-wide hugo.toml with the following copyright value:

{{ .Site.Copyright | safeHTML }} in a template would then output:

© 2015 Jane Doe.  <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.

However, without the safeHTML function, html/template assumes .Site.Copyright to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:

<p>© 2015 Jane Doe.  &lt;a href=&#34;https://creativecommons.org/licenses by/4.0/&#34;&gt;Some rights reserved&lt;/a&gt;.</p>

1.2 KiB Raw Blame History

1.2 KiB

Raw Blame History