mirror of
https://github.com/gohugoio/hugoDocs.git
synced 2025-10-04 15:47:25 -04:00
1.4 KiB
1.4 KiB
| title | description | godocref | date | publishdate | lastmod | categories | menu | tags | ns | signature | workson | hugoversion | relatedfuncs | deprecated | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| safeHTML | Declares a provided string as a "safe" HTML document to avoid escaping by Go templates. | https://golang.org/src/html/template/content.go?s=1374:1385#L25 | 2017-02-01 | 2017-02-01 | 2017-02-01 |
|
|
|
|
false |
safeHTML declares the provided string as a "safe" HTML document fragment
so Go html/template will not filter it. It should not be used
for HTML from a third-party, or HTML with unclosed tags or comments.
Given a site-wide config.toml with the following copyright value:
copyright = "© 2015 Jane Doe. <a href=\"http://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>."
{{ .Site.Copyright | safeHTML }} in a template would then output:
© 2015 Jane Doe. <a href="http://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.
However, without the safeHTML function, html/template assumes .Site.Copyright to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:
<p>© 2015 Jane Doe. <a href="http://creativecommons.org/licenses by/4.0/">Some rights reserved</a>.</p>