mirror of
https://github.com/gohugoio/hugo.git
synced 2024-12-26 03:31:54 +00:00
e22b3f54c3
The `safeHTMLAttr` function operates on a full attribute definition, not just within the attribute value. Docs: https://gohugo.io/functions/safehtmlattr/ For `opengraph.html`, run the whole `content` HTML attribute through `safeHTMLAttr`. That will preserve `+` signs in formatted dates. For `vimeo_simple.html`, `safeHTMLAttr` was in the context of an attribute value, thus having no effect. In this case we could replace it with `safeURL`, but since the code is coming from an API it is safer to just let Go's template engine sanitize the value as it already does with `provider_url`. Fixes #5236 (no need to change Go upstream) Related to #5246 |
||
|---|---|---|
| .. | ||
| embedded | ||
| ace.go | ||
| amber_compiler.go | ||
| shortcodes.go | ||
| shortcodes_test.go | ||
| template.go | ||
| template_ast_transformers.go | ||
| template_ast_transformers_test.go | ||
| template_errors.go | ||
| template_funcs.go | ||
| template_funcs_test.go | ||
| template_info_test.go | ||
| templateFuncster.go | ||
| templateProvider.go | ||