mirror of
https://github.com/gohugoio/hugo.git
synced 2024-11-14 20:37:55 -05:00
e22b3f54c3
The `safeHTMLAttr` function operates on a full attribute definition, not just within the attribute value. Docs: https://gohugo.io/functions/safehtmlattr/ For `opengraph.html`, run the whole `content` HTML attribute through `safeHTMLAttr`. That will preserve `+` signs in formatted dates. For `vimeo_simple.html`, `safeHTMLAttr` was in the context of an attribute value, thus having no effect. In this case we could replace it with `safeURL`, but since the code is coming from an API it is safer to just let Go's template engine sanitize the value as it already does with `provider_url`. Fixes #5236 (no need to change Go upstream) Related to #5246 |
||
|---|---|---|
| .. | ||
| __h_simple_assets.html | ||
| figure.html | ||
| gist.html | ||
| highlight.html | ||
| instagram.html | ||
| instagram_simple.html | ||
| param.html | ||
| ref.html | ||
| relref.html | ||
| twitter.html | ||
| twitter_simple.html | ||
| vimeo.html | ||
| vimeo_simple.html | ||
| youtube.html | ||