hugo/docs/content/en/functions/transform/XMLEscape.md

title	description	categories	keywords	action
transform.XMLEscape	Returns the given string, removing disallowed characters then escaping the result to its XML equivalent.			aliases related returnType signatures string transform.XMLEscape INPUT

{{< new-in 0.121.0 >}}

The transform.XMLEscape function removes disallowed characters as defined in the XML specification, then escapes the result by replacing the following characters with HTML entities:

• " → "
• ' → '
• & → &
• < → <
• > → >
• \t → 	
• \n → 

• \r → 


For example:

{{ transform.XMLEscape "<p>abc</p>" }} → &lt;p&gt;abc&lt;/p&gt;

When using transform.XMLEscape in a template rendered by Go's html/template package, declare the string to be safe HTML to avoid double escaping. For example, in an RSS template:

{{< code file="layouts/_default/rss.xml" >}} {{ .Summary | transform.XMLEscape | safeHTML }} {{< /code >}}