diff options
author | Ayooluwa <ayo@freshman.tech> | 2022-11-12 10:31:33 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-12 10:31:33 +0300 |
commit | c27b545acbdc17efd6235d62210cd1d5d0672091 (patch) | |
tree | 05dbd4e42e39862868900f21515b459646398551 | |
parent | b04a4b32e2dc10c674baaeadd98e16b455fea0e6 (diff) |
Improve explanation of safeHTMLAttr's function (#1503)
Co-authored-by: Joe Mooring <joe.mooring@veriphor.com>
-rw-r--r-- | content/en/functions/safeHTMLAttr.md | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/content/en/functions/safeHTMLAttr.md b/content/en/functions/safeHTMLAttr.md index 19de2e985..17539d850 100644 --- a/content/en/functions/safeHTMLAttr.md +++ b/content/en/functions/safeHTMLAttr.md @@ -26,5 +26,13 @@ Example: Given a site-wide `config.toml` that contains this menu entry: url = "irc://irc.freenode.net/#golang" {{< /code-toggle >}} -* <span class="bad">`<a href="{{ .URL }}">` → `<a href="#ZgotmplZ">`</span> -* <span class="good">`<a {{ printf "href=%q" .URL | safeHTMLAttr }}>` → `<a href="irc://irc.freenode.net/#golang">`</span> + +Attempting to use the `url` value directly in an attribute like this: + +- `<a href="{{ .URL }}"></a>` will produce the following: `<a href="#ZgotmplZ"></a>`. + +The `ZgotmplZ` value indicates that you're trying to output content at a spot +where `template/html` deems to be unsafe. To correct the output, use the +`safeHTMLAttr` function like so: + +- `<a {{ printf "href=%q" .URL | safeHTMLAttr }}></a>` which produces: `<a href="irc://irc.freenode.net/#golang"></a>` |