
Template unnecessarily escaping `<` to `&lt;` but not `>`

I work on a dev tool that uses templates for generating files such as readmes and licenses.

Everything works fine apart from one instance of a `<` character gets turned into a `&lt;` - the corresponding `>` character works fine and appears as expected in the output.

Template file: https://raw.githubusercontent.com/Southclaws/pawn-package-template/master/README.md. The lines of interest are:

```pawn
#include <{{.Repo}}>
```

Where Repo gets inserted with the expected result being

```
#include <sometext>
```

But what actually comes out is:

```
#include &lt;sometext>
```

I can't figure out why this is happening from the docs. It seems like a bug to be honest because if it's looking for things to escape, surely it would turn `>` into `&gt;` as well, right?

Southclaws asked Jan 30 '18 17:01


1 Answer

html/template provides automatic, context-sensitive escaping safe against code injection:

> HTML templates treat data values as plain text which should be encoded so they can be safely embedded in an HTML document. The escaping is contextual, so actions can appear within JavaScript, CSS, and URI contexts.

html/template is only to generate HTML output:

> It provides the same interface as package text/template and should be used instead of text/template whenever the output is HTML.

If the output is not HTML, use text/template instead which does not escape data.

icza answered Oct 21 '22 10:10
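The difference described in the answer, as an added example that is not part of the original question or answer: the question's template line is rendered once with `html/template` and once with `text/template`. The function names and the `a&b` value are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	htmltemplate "html/template"
	texttemplate "text/template"
)

// includeLine is the template line quoted in the question.
const includeLine = "#include <{{.Repo}}>"

type data struct{ Repo string }

// renderHTML uses html/template, which assumes the output is an HTML document.
// The literal "<" in the template text does not start a tag, so the package
// rewrites it to "&lt;"; the literal ">" is left alone. Data values are
// HTML-escaped as well.
func renderHTML(repo string) (string, error) {
	t, err := htmltemplate.New("readme").Parse(includeLine)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	err = t.Execute(&buf, data{Repo: repo})
	return buf.String(), err
}

// renderText uses text/template, which copies template text and data through
// unchanged. Suitable for Markdown or source files, not for HTML output.
func renderText(repo string) (string, error) {
	t, err := texttemplate.New("readme").Parse(includeLine)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	err = t.Execute(&buf, data{Repo: repo})
	return buf.String(), err
}

func main() {
	// "sometext" is from the question; "a&b" is a constructed sample value.
	for _, repo := range []string{"sometext", "a&b"} {
		h, errH := renderHTML(repo)
		x, errT := renderText(repo)
		fmt.Printf("html/template: %q (err=%v)\ntext/template: %q (err=%v)\n", h, errH, x, errT)
	}
}
```

Both packages expose the same `Parse` and `Execute` calls, so switching a non-HTML generator to `text/template` is an import change; any template whose output is served as HTML should stay on `html/template`.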