hugo/docs/content/en/functions/safeHTML.md

42 lines
1.3 KiB
Markdown
Raw Normal View History

---
title: safeHTML
# linktitle:
description: Declares a provided string as a "safe" HTML document to avoid escaping by Go templates.
godocref: https://golang.org/src/html/template/content.go?s=1374:1385#L25
date: 2017-02-01
publishdate: 2017-02-01
lastmod: 2017-02-01
categories: [functions]
menu:
docs:
parent: "functions"
keywords: [strings]
signature: ["safeHTML INPUT"]
workson: []
hugoversion:
relatedfuncs: []
deprecated: false
---
It should not be used for HTML from a third-party, or HTML with unclosed tags or comments.
Given a site-wide [`config.toml`][config] with the following `copyright` value:
Squashed 'docs/' changes from 9cece6640..fb551cc75 fb551cc75 Update index.md 7af894857 Update index.md d235753ea Hugo 0.82.1 e03e72deb Merge branch 'temp0821' e62648961 Merge branch 'release-0.82.1' e1ab0f6eb releaser: Add release notes to /docs for release of 0.82.1 5d354c38d Replaced ``` code blocks with Code Toggler c9d065c20 Remove duplicate YAML keys (#1420) 8ae31e701 Add webp image encoding support 848f2af26 Update internal.md (#1407) c103a86a4 Fix `ref` shortcode example output (#1409) 9f8ba56dc Remove leading dot from where function KEY (#1419) 363251a51 Improve presentation of template lookup order (#1382) b73da986d Improve description of Page Resources (#1381) 4e0bb96d5 Rework robots.txt page (#1405) edf893e6f Update migrations.md (#1412) 450f1580b Add link to `site` function doc (#1417) cfffa6e6f Added one extension to the list (#1414) 05f1665a0 Update theme 5de0b1c6a Update theme 250e20552 Add hugo.IsExtended dea5e1fd7 Fix typo on merge function page (#1408) 1bbed2cf3 Update configuration.md be0b64a46 Omit ISO cbb5b8367 Fix `dateFormat` documentation 698f15466 Regenerate the docshelper f9a8a7cb6 Update multilingual.md a22dc6267 Fix grammar (#1398) eb98b0997 Fix pretty URL example (#1397) f4c4153dc Mention date var complementation in post scheduling (#1396) 17fae284c Fix resources.ExecuteAsTemplate argument order (#1394) 97e2c2abb Use code-toggle shortcode in `multilingual.md` (#1388) 3a84929bb Harmonize capitalization (#1393) 17f15daa6 fix file naming used in example (#1392) 5d97b6a18 Add slice syntax to sections permalinks config 00665b97b Improve description of `site.md` edcf5e3fc Fix example in `merge.md` f275ab778 Update postprocess.md 9593e3991 Fix file name 59bd9656f Update postprocess.md 1172fb6d0 Update to theNewDynamic repository (#1263) f5b5c1d2c Update Hugo container image 4f2e92f2a Adapt anchorize.md to Goldmark 98aa19073 Directly link to `highlight` shortcode (#1384) 4c75c2422 Fix header level f15c06f23 markdownify: add note about render-hooks and .RenderString (#1281) 69c82eb68 Remove Blackfriday reference from shortcode desc (#1380) 36de478df Update description of ignoreFiles config setting (#1377) 6337699d8 Remove "Authors" page from documentation (#1371) 35e73ca90 fix indent in example (#1372) d3f01f19a Remove opening body tag from header example (#1376) 341a5a7d8 Update index.md c9bfdbee6 Release 0.82.0 119644949 releaser: Add release notes to /docs for release of 0.82.0 32efaed78 docs: Regenerate docs helper dea5449a2 docs: Regen CLI docs eeab18fce Merge commit '81689af79901f0cdaff765cda6322dd4a9a7ccb3' d508a1259 Attributes for code fences should be placed after the lang indicator only c80905cef deps: Update to esbuild v0.9.0 95350eb79 Add support for Google Analytics v4 02d36f9bc Allow markdown attribute lists to be used in title render hooks 7df220a64 Merge commit '9d31f650da964a52f05fc27b7fb99cf3e09778cf' d80bf61b7 Fixes #7698. git-subtree-dir: docs git-subtree-split: fb551cc750faa83a1493b0e0d0898cd98ab74465
2021-04-20 14:21:45 -04:00
{{< code-toggle file="config" >}}
copyright = "© 2015 Jane Doe. <a href=\"https://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>."
Squashed 'docs/' changes from 9cece6640..fb551cc75 fb551cc75 Update index.md 7af894857 Update index.md d235753ea Hugo 0.82.1 e03e72deb Merge branch 'temp0821' e62648961 Merge branch 'release-0.82.1' e1ab0f6eb releaser: Add release notes to /docs for release of 0.82.1 5d354c38d Replaced ``` code blocks with Code Toggler c9d065c20 Remove duplicate YAML keys (#1420) 8ae31e701 Add webp image encoding support 848f2af26 Update internal.md (#1407) c103a86a4 Fix `ref` shortcode example output (#1409) 9f8ba56dc Remove leading dot from where function KEY (#1419) 363251a51 Improve presentation of template lookup order (#1382) b73da986d Improve description of Page Resources (#1381) 4e0bb96d5 Rework robots.txt page (#1405) edf893e6f Update migrations.md (#1412) 450f1580b Add link to `site` function doc (#1417) cfffa6e6f Added one extension to the list (#1414) 05f1665a0 Update theme 5de0b1c6a Update theme 250e20552 Add hugo.IsExtended dea5e1fd7 Fix typo on merge function page (#1408) 1bbed2cf3 Update configuration.md be0b64a46 Omit ISO cbb5b8367 Fix `dateFormat` documentation 698f15466 Regenerate the docshelper f9a8a7cb6 Update multilingual.md a22dc6267 Fix grammar (#1398) eb98b0997 Fix pretty URL example (#1397) f4c4153dc Mention date var complementation in post scheduling (#1396) 17fae284c Fix resources.ExecuteAsTemplate argument order (#1394) 97e2c2abb Use code-toggle shortcode in `multilingual.md` (#1388) 3a84929bb Harmonize capitalization (#1393) 17f15daa6 fix file naming used in example (#1392) 5d97b6a18 Add slice syntax to sections permalinks config 00665b97b Improve description of `site.md` edcf5e3fc Fix example in `merge.md` f275ab778 Update postprocess.md 9593e3991 Fix file name 59bd9656f Update postprocess.md 1172fb6d0 Update to theNewDynamic repository (#1263) f5b5c1d2c Update Hugo container image 4f2e92f2a Adapt anchorize.md to Goldmark 98aa19073 Directly link to `highlight` shortcode (#1384) 4c75c2422 Fix header level f15c06f23 markdownify: add note about render-hooks and .RenderString (#1281) 69c82eb68 Remove Blackfriday reference from shortcode desc (#1380) 36de478df Update description of ignoreFiles config setting (#1377) 6337699d8 Remove "Authors" page from documentation (#1371) 35e73ca90 fix indent in example (#1372) d3f01f19a Remove opening body tag from header example (#1376) 341a5a7d8 Update index.md c9bfdbee6 Release 0.82.0 119644949 releaser: Add release notes to /docs for release of 0.82.0 32efaed78 docs: Regenerate docs helper dea5449a2 docs: Regen CLI docs eeab18fce Merge commit '81689af79901f0cdaff765cda6322dd4a9a7ccb3' d508a1259 Attributes for code fences should be placed after the lang indicator only c80905cef deps: Update to esbuild v0.9.0 95350eb79 Add support for Google Analytics v4 02d36f9bc Allow markdown attribute lists to be used in title render hooks 7df220a64 Merge commit '9d31f650da964a52f05fc27b7fb99cf3e09778cf' d80bf61b7 Fixes #7698. git-subtree-dir: docs git-subtree-split: fb551cc750faa83a1493b0e0d0898cd98ab74465
2021-04-20 14:21:45 -04:00
{{< /code-toggle >}}
`{{ .Site.Copyright | safeHTML }}` in a template would then output:
```
© 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.
```
However, without the `safeHTML` function, html/template assumes `.Site.Copyright` to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:
```
<p>© 2015 Jane Doe. &lt;a href=&#34;https://creativecommons.org/licenses by/4.0/&#34;&gt;Some rights reserved&lt;/a&gt;.</p>
```
[config]: /getting-started/configuration/