hugo/content/en/functions/safe/HTMLAttr.md at 2658a71e1b6fe24a8b754a62ce0398a09d270d86

mirror of https://github.com/gohugoio/hugo.git synced 2024-11-14 20:37:55 -05:00

Bjørn Erik Pedersen 9b0050e9aa Squashed 'docs/' content from commit 5c085a37b

git-subtree-dir: docs
git-subtree-split: 5c085a37b297bf12f59efeaae591418ec025c10d

2024-01-27 10:48:33 +01:00

1.3 KiB

Raw Blame History

title

description

categories

keywords

action

aliases

safe.HTMLAttr

Declares the given key/value pair as a safe HTML attribute.

aliases

returnType

signatures

safeHTMLAttr

functions/safe/CSS

functions/safe/HTML

functions/safe/JS

functions/safe/JSStr

functions/safe/URL

template.HTMLAttr

safe.HTMLAttr INPUT

/functions/safehtmlattr

Given a site configuration that contains this menu entry:

{{< code-toggle file=hugo >}} menus.main name = "IRC" url = "irc://irc.freenode.net/#golang" {{< /code-toggle >}}

Attempting to use the url value directly in an attribute:

{{ range site.Menus.main }}
  <a href="{{ .URL }}">{{ .Name }}</a>
{{ end }}

Will produce:

<a href="#ZgotmplZ">IRC</a>

ZgotmplZ is a special value, inserted by Go's template/html package, that indicates that unsafe content reached a CSS or URL context.

To indicate that the HTML attribute is safe:

{{ range site.Menus.main }}
  <a {{ printf "href=%q" .URL | safeHTMLAttr }}>{{ .Name }}</a>
{{ end }}

{{% note %}} As demonstrated above, you must pass the HTML attribute name and value through the function. Applying safeHTMLAttr to the attribute value has no effect. {{% /note %}}

1.3 KiB Raw Blame History

1.3 KiB

Raw Blame History