html/template: URL auto-escaper may produce invalid markup #19205
Labels
FrozenDueToAge
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?go version go1.8 linux/amd64
What operating system and processor architecture are you using (
go env
)?Any environment.
What did you do?
https://play.golang.org/p/vkxq91HMhf
What did you expect to see?
The template produces fully valid markup, i.e.
<a href="http://www.example.com/%5B%5D">a</a>
, as if using url.PathEscape.What did you see instead?
The square brackets remain unescaped in the path. According to the W3 Validator, this is invalid:
The text was updated successfully, but these errors were encountered: