TheCloud/hugoDocs
1
0
Fork 0
mirror of https://github.com/gohugoio/hugoDocs.git synced 2025-09-10 18:04:41 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update index.md

Browse Source
This commit is contained in:
Bjørn Erik Pedersen 2023-02-25 16:28:21 +01:00 committed by GitHub
parent 36dd5483fb
commit 43d83c1312
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/about/security-model/index.md
View File

@ -57,7 +57,7 @@ For HTML output, this is the core security model:
In short: In short:
Templates authors (you) are trusted, but the data you send in is not. Template and configuration authors (you) are trusted, but the data you send in is not.
This is why you sometimes need to use the _safe_ functions, such as `safeHTML`, to avoid escaping of data you know is safe. This is why you sometimes need to use the _safe_ functions, such as `safeHTML`, to avoid escaping of data you know is safe.
There is one exception to the above, as noted in the documentation: If you enable inline shortcodes, you also say that the shortcodes and data handling in content files are trusted, as those macros are treated as pure text. There is one exception to the above, as noted in the documentation: If you enable inline shortcodes, you also say that the shortcodes and data handling in content files are trusted, as those macros are treated as pure text.
It may be worth adding that Hugo is a static site generator with no concept of dynamic user input. It may be worth adding that Hugo is a static site generator with no concept of dynamic user input.