safeHTML.md (1249B)
1 ---
2 title: safeHTML
3 # linktitle:
4 description: Declares a provided string as a "safe" HTML document to avoid escaping by Go templates.
5 date: 2017-02-01
6 publishdate: 2017-02-01
7 lastmod: 2017-02-01
8 categories: [functions]
9 menu:
10 docs:
11 parent: "functions"
12 keywords: [strings]
13 signature: ["safeHTML INPUT"]
14 workson: []
15 hugoversion:
16 relatedfuncs: []
17 deprecated: false
18 ---
19
20 It should not be used for HTML from a third-party, or HTML with unclosed tags or comments.
21
22 Given a site-wide [`config.toml`][config] with the following `copyright` value:
23
24 {{< code-toggle file="config" >}}
25 copyright = "© 2015 Jane Doe. <a href=\"https://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>."
26 {{< /code-toggle >}}
27
28 `{{ .Site.Copyright | safeHTML }}` in a template would then output:
29
30 ```
31 © 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>.
32 ```
33
34 However, without the `safeHTML` function, html/template assumes `.Site.Copyright` to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text:
35
36 ```
37 <p>© 2015 Jane Doe. <a href="https://creativecommons.org/licenses by/4.0/">Some rights reserved</a>.</p>
38 ```
39
40 [config]: /getting-started/configuration/