summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Griesemer <gri@golang.org>2009-11-03 22:52:10 -0800
committerRobert Griesemer <gri@golang.org>2009-11-03 22:52:10 -0800
commit2893d1c9cd41a84aad73f3970b8f84d64ef2ae2d (patch)
tree2839ae87355c3c310d95c98771ac9e13e63b566b
parentf53b18b93537507281cc4070eb7afd95cfe2dbc6 (diff)
downloadgolang-2893d1c9cd41a84aad73f3970b8f84d64ef2ae2d.tar.gz
add " and ' to list of html-escaped chars
R=rsc http://go/go-review/1017025
Diffstat
-rw-r--r--src/pkg/template/format.go39
1 files changed, 24 insertions, 15 deletions
diff --git a/src/pkg/template/format.go b/src/pkg/template/format.go
index bbdfcb4bb..bcffc66ac 100644
--- a/src/pkg/template/format.go
+++ b/src/pkg/template/format.go
@@ -21,28 +21,37 @@ func StringFormatter(w io.Writer, value interface{}, format string) {
fmt.Fprint(w, value);
}
-
-var esc_amp = strings.Bytes("&amp;")
-var esc_lt = strings.Bytes("&lt;")
-var esc_gt = strings.Bytes("&gt;")
+var (
+ esc_quot = strings.Bytes("&#34;"); // shorter than "&quot;"
+ esc_apos = strings.Bytes("&#39;"); // shorter than "&apos;"
+ esc_amp = strings.Bytes("&amp;");
+ esc_lt = strings.Bytes("&lt;");
+ esc_gt = strings.Bytes("&gt;");
+)
// HtmlEscape writes to w the properly escaped HTML equivalent
// of the plain text data s.
func HtmlEscape(w io.Writer, s []byte) {
+ var esc []byte;
last := 0;
for i, c := range s {
- if c == '&' || c == '<' || c == '>' {
- w.Write(s[last:i]);
- switch c {
- case '&':
- w.Write(esc_amp);
- case '<':
- w.Write(esc_lt);
- case '>':
- w.Write(esc_gt);
- }
- last = i+1;
+ switch c {
+ case '"':
+ esc = esc_quot;
+ case '\'':
+ esc = esc_apos;
+ case '&':
+ esc = esc_amp;
+ case '<':
+ esc = esc_lt;
+ case '>':
+ esc = esc_gt;
+ default:
+ continue;
}
+ w.Write(s[last:i]);
+ w.Write(esc);
+ last = i+1;
}
w.Write(s[last:len(s)]);
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-31 05:33:56 +0000