mirror of
https://github.com/gohugoio/hugo.git
synced 2025-03-09 17:23:10 +00:00
e22b3f54c3
The `safeHTMLAttr` function operates on a full attribute definition, not just within the attribute value. Docs: https://gohugo.io/functions/safehtmlattr/ For `opengraph.html`, run the whole `content` HTML attribute through `safeHTMLAttr`. That will preserve `+` signs in formatted dates. For `vimeo_simple.html`, `safeHTMLAttr` was in the context of an attribute value, thus having no effect. In this case we could replace it with `safeURL`, but since the code is coming from an API it is safer to just let Go's template engine sanitize the value as it already does with `provider_url`. Fixes #5236 (no need to change Go upstream) Related to #5246 |
||
|---|---|---|
| .. | ||
| cast | ||
| collections | ||
| compare | ||
| crypto | ||
| data | ||
| encoding | ||
| fmt | ||
| hugo | ||
| images | ||
| inflect | ||
| internal | ||
| lang | ||
| math | ||
| os | ||
| partials | ||
| path | ||
| reflect | ||
| resources | ||
| safe | ||
| site | ||
| strings | ||
| templates | ||
| time | ||
| tplimpl | ||
| transform | ||
| urls | ||
| template.go | ||
| template_info.go | ||
| template_test.go | ||