mirror of
https://github.com/gohugoio/hugo.git
synced 2024-11-21 20:46:30 -05:00
Merge commit '336622d5e7afd9334cd2de7150d4f16bdf7c24f9'
This commit is contained in:
commit
97b010f521
4 changed files with 13 additions and 6 deletions
|
@ -57,7 +57,7 @@ For HTML output, this is the core security model:
|
|||
|
||||
In short:
|
||||
|
||||
Templates authors (you) are trusted, but the data you send in is not.
|
||||
Template and configuration authors (you) are trusted, but the data you send in is not.
|
||||
This is why you sometimes need to use the _safe_ functions, such as `safeHTML`, to avoid escaping of data you know is safe.
|
||||
There is one exception to the above, as noted in the documentation: If you enable inline shortcodes, you also say that the shortcodes and data handling in content files are trusted, as those macros are treated as pure text.
|
||||
It may be worth adding that Hugo is a static site generator with no concept of dynamic user input.
|
||||
|
|
|
@ -34,7 +34,13 @@ You must also be comfortable working from the command line.
|
|||
### Commands
|
||||
|
||||
{{% note %}}
|
||||
If you are a Windows user, you must run these commands with [PowerShell]. You cannot use Windows Powershell, which is a different application, or the Command Prompt. You may also use a Linux shell if available.
|
||||
**If you are a Windows user:**
|
||||
|
||||
- Do not use the Command Prompt
|
||||
- Do not use Windows PowerShell
|
||||
- Run these commands from [PowerShell] or a Linux terminal such as WSL or Git Bash
|
||||
|
||||
PowerShell and Windows PowerShell are different applications.
|
||||
|
||||
[PowerShell]: https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows
|
||||
{{% /note %}}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<div class="mermaid">
|
||||
<pre class="mermaid">
|
||||
{{- .Inner | safeHTML }}
|
||||
</div>
|
||||
</pre>
|
||||
{{ .Page.Store.Set "hasMermaid" true }}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{{ if .Page.Store.Get "hasMermaid" }}
|
||||
<script src="https://cdn.jsdelivr.net/npm/mermaid/dist/mermaid.min.js"></script>
|
||||
<script>
|
||||
<script type="module" async>
|
||||
import mermaid from 'https://cdn.jsdelivr.net/npm/mermaid@9/+esm';
|
||||
|
||||
mermaid.initialize({ startOnLoad: true });
|
||||
</script>
|
||||
{{ end }}
|
||||
|
|
Loading…
Reference in a new issue