escaping html attributes #1
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Hey, I didn't see this mentioned in readme, so figured I should ask :) what is the right way to escape html attributes? Usually frameworks will have two functions :) one to escape text, one to escape attributes, well and I guess in case of Go they have like 50 of them :) https://go.dev/src/text/template/funcs.go#L631
Hi!
https://hexdocs.pm/glentities/glentities/html_encoder.html#encode is documented as "Encode text to be safe in the HTML body, inside element or attribute content.", so it should work for attributes. The others will work too, but will create a much larger output. Does this answer your question?
...
Apr 1, 2024 10:04:20 Yaroslav Lapin (@yaroslav.lapin) gitlab@mg.gitlab.com:
Thanks, I will try that :) I think that makes sense, but I was worried if there's something that I'm missing :)