diff options
Diffstat (limited to 'docs/content/en/functions/safe/HTML.md')
| -rw-r--r-- | docs/content/en/functions/safe/HTML.md | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/docs/content/en/functions/safe/HTML.md b/docs/content/en/functions/safe/HTML.md deleted file mode 100644 index ecc4f1346..000000000 --- a/docs/content/en/functions/safe/HTML.md +++ /dev/null @@ -1,39 +0,0 @@ ---- -title: safe.HTML -description: Declares the given string as a safeHTML string. -categories: [] -keywords: [] -action: - aliases: [safeHTML] - related: - - functions/safe/CSS - - functions/safe/HTMLAttr - - functions/safe/JS - - functions/safe/JSStr - - functions/safe/URL - returnType: template.HTML - signatures: [safe.HTML INPUT] -aliases: [/functions/safehtml] ---- - -It should not be used for HTML from a third-party, or HTML with unclosed tags or comments. - -Given a site-wide [`hugo.toml`][config] with the following `copyright` value: - -{{< code-toggle file=hugo >}} -copyright = "© 2015 Jane Doe. <a href=\"https://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>." -{{< /code-toggle >}} - -`{{ .Site.Copyright | safeHTML }}` in a template would then output: - -```html -© 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>. -``` - -However, without the `safeHTML` function, html/template assumes `.Site.Copyright` to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text: - -```html -<p>© 2015 Jane Doe. <a href="https://creativecommons.org/licenses by/4.0/">Some rights reserved</a>.</p> -``` - -[config]: /getting-started/configuration/ |