Hi, Using html/template i need to write an un-escaped value within a node attribute.
I m happy to use html/template for the added security layer, but here i feel like something is wrong. There s a template with a safe func tmpl = template.New("") tmpl.Funcs(map[string]interface{}{ "safe": func (some string) template.HTML{ return template.HTML(some) }, "safeattr": func (some string) template.HTMLAttr{ return template.HTMLAttr(some) }, }) Which parses this template tmpl.Parse(` <div attr="{{.Some | safe}}" attr="{{.Some | safeattr}}" >{{.Some | safe}}</div> <div attr="{{.Some}}" attr="{{.Some}}" >{{.Some}}</div> `) And execute this data s := struct{ Some string }{Some: "rrr <"} tmpl.Execute(os.Stdout, s) The result is this one <div attr="rrr <" attr="rrr <" >rrr <</div> <div attr="rrr <" attr="rrr <" >rrr <</div> In the first div node, the < character is correctly un-escaped within the node content, but the attribute is always escaped which is not expected. See the play here https://play.golang.org/p/djfHUHZnSQ Can you help ? thanks -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.