safe.HTML
Syntax
safe.HTML INPUT ⟼ template.HTML
Alias
safeHTML
It should not be used for HTML from a third-party, or HTML with unclosed tags or comments.
Given a site-wide hugo.toml
with the following copyright
value:
hugo.
copyright: © 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some
rights reserved</a>.
copyright = '© 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.'
{
"copyright": "© 2015 Jane Doe. \u003ca href=\"https://creativecommons.org/licenses/by/4.0/\"\u003eSome rights reserved\u003c/a\u003e."
}
{{ .Site.Copyright | safeHTML }}
in a template would then output:
© 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.
However, without the safeHTML
function, html/template assumes .Site.Copyright
to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:
<p>© 2015 Jane Doe. <a href="https://creativecommons.org/licenses by/4.0/">Some rights reserved</a>.</p>