diff options
Diffstat (limited to 'doc/articles/wiki')
| -rw-r--r-- | doc/articles/wiki/edit.html | 6 | ||||
| -rw-r--r-- | doc/articles/wiki/index.html | 11 | ||||
| -rw-r--r-- | doc/articles/wiki/view.html | 6 |
3 files changed, 12 insertions, 11 deletions
diff --git a/doc/articles/wiki/edit.html b/doc/articles/wiki/edit.html index c14953b17..044c3bede 100644 --- a/doc/articles/wiki/edit.html +++ b/doc/articles/wiki/edit.html @@ -1,6 +1,6 @@ -<h1>Editing {{.Title |html}}</h1> +<h1>Editing {{.Title}}</h1> -<form action="/save/{{.Title |html}}" method="POST"> -<div><textarea name="body" rows="20" cols="80">{{printf "%s" .Body |html}}</textarea></div> +<form action="/save/{{.Title}}" method="POST"> +<div><textarea name="body" rows="20" cols="80">{{printf "%s" .Body}}</textarea></div> <div><input type="submit" value="Save"></div> </form> diff --git a/doc/articles/wiki/index.html b/doc/articles/wiki/index.html index 52bf7e798..6c45d7178 100644 --- a/doc/articles/wiki/index.html +++ b/doc/articles/wiki/index.html @@ -359,10 +359,10 @@ First, we must add <code>html/template</code> to the list of imports: <pre> import ( + <b>"html/template"</b> "http" "io/ioutil" "os" - <b>"html/template"</b> ) </pre> @@ -397,10 +397,11 @@ Template directives are enclosed in double curly braces. The <code>printf "%s" .Body</code> instruction is a function call that outputs <code>.Body</code> as a string instead of a stream of bytes, the same as a call to <code>fmt.Printf</code>. -The <code>|html</code> part of each directive pipes the value through the -<code>html</code> formatter before outputting it, which escapes HTML -characters (such as replacing <code>></code> with <code>&gt;</code>), -preventing user data from corrupting the form HTML. +The <code>html/template</code> package helps guarantee that only safe and +correct-looking HTML is generated by template actions. For instance, it +automatically escapes any greater than sign (<code>></code>), replacing it +with <code>&gt;</code>, to make sure user data does not corrupt the form +HTML. </p> <p> diff --git a/doc/articles/wiki/view.html b/doc/articles/wiki/view.html index 023391577..b1e87efe8 100644 --- a/doc/articles/wiki/view.html +++ b/doc/articles/wiki/view.html @@ -1,5 +1,5 @@ -<h1>{{.Title |html}}</h1> +<h1>{{.Title}}</h1> -<p>[<a href="/edit/{{.Title |html}}">edit</a>]</p> +<p>[<a href="/edit/{{.Title}}">edit</a>]</p> -<div>{{printf "%s" .Body |html}}</div> +<div>{{printf "%s" .Body}}</div> |