Template unnecessarily escaping `<` to `&lt;` but not `>`

I work on a dev tool that uses templates for generating files such as readmes and licenses.

Everything works fine, except that one instance of a `<` character gets turned into `&lt;`. The corresponding `>` character works fine and appears as expected in the output.

Template file: https://raw.githubusercontent.com/Southclaws/pawn-package-template/master/README.md and the lines of interest are:

```pawn
#include <{{.Repo}}>
```

Where Repo gets inserted with the expected result being

```
#include <sometext>
```

But what actually comes out is:

```
#include &lt;sometext>
```

I can't figure out why this is happening from the docs. It seems like a bug to be honest because if it's looking for things to escape, surely it would turn > into &gt; as well, right?

Chrysarobin answered 30/1, 2018 at 17:20 Comment(0)

html/template provides automatic, context-sensitive escaping safe against code injection:

HTML templates treat data values as plain text which should be encoded so they can be safely embedded in an HTML document. The escaping is contextual, so actions can appear within JavaScript, CSS, and URI contexts.

html/template is only to generate HTML output:

It provides the same interface as package text/template and should be used instead of text/template whenever the output is HTML.

If the output is not HTML, use text/template instead which does not escape data.

Byyourleave answered 30/1, 2018 at 17:23 Comment(1)
Oh god it was that simple... that's what I get for relying too much on auto-importers! Thanks! - Chrysarobin
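The difference described in the answer, as an added example that is not part of the original post: the template line from the question rendered by both packages, plus a second, constructed value containing markup to show what the escaping protects against. The `data` type and the function names are assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"fmt"
	htmltemplate "html/template"
	texttemplate "text/template"
)

// readmeLine is the template line quoted in the question.
const readmeLine = "#include <{{.Repo}}>"

// data is a hypothetical stand-in for the tool's template data.
type data struct{ Repo string }

// renderHTML executes the line with html/template, which escapes both the
// literal "<" in the template text and any markup in the inserted value.
func renderHTML(repo string) (string, error) {
	t, err := htmltemplate.New("readme").Parse(readmeLine)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	err = t.Execute(&buf, data{Repo: repo})
	return buf.String(), err
}

// renderText executes the same line with text/template, which copies the
// template text and the value through unchanged.
func renderText(repo string) (string, error) {
	t, err := texttemplate.New("readme").Parse(readmeLine)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	err = t.Execute(&buf, data{Repo: repo})
	return buf.String(), err
}

func main() {
	// "sometext" is the value from the question; "<b>x</b>" is constructed.
	for _, repo := range []string{"sometext", "<b>x</b>"} {
		h, _ := renderHTML(repo)
		x, _ := renderText(repo)
		fmt.Printf("value %q\n  html/template: %s\n  text/template: %s\n", repo, h, x)
	}
}
```

For a README or license file, `text/template` gives the intended output; for anything served as HTML, the unescaped `<b>x</b>` in the second case is why `html/template` is the one to use.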
