Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

html/template: JS and JSStr incorrectly escaped in javascript context #21968

Closed
justinclift opened this issue Sep 21, 2017 · 2 comments
Closed

html/template: JS and JSStr incorrectly escaped in javascript context #21968

justinclift opened this issue Sep 21, 2017 · 2 comments
Labels
FrozenDueToAge

Comments

@justinclift
Copy link

justinclift commented Sep 21, 2017
edited

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

go version go1.9 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

Fedora 25, x64

What did you do?

Just trying to find any working method to pass URLs with parameters in them (eg "?foo=1&bar=2")
through to a template, for use by AngularJS.

Unfortunately, none of the data types (HTML, HTMLAttr, JS, JSStr, URL) seem able to suppress escaping:

    https://play.golang.org/p/pgNKYoHKV0

In the above example, the data types seem to be working as intended when they're just in simple template fields. The second they're in a structure though, it all falls apart and everything gets escaped, even types who's purpose (my understanding) is to not be escaped in this context. 😦

What did you expect to see?

Either JS or JSStr URLs in obj.Broken (above) which aren't escaped.

What did you see instead?

Everything in the obj (above) is being escaped, including JS and JSStr types.
@kennygrant
Copy link
Contributor

This looks like it is working as intended. You are inside a js context here, so JS and JSStr do what you want (as your link demonstrates).

When you use a struct directly in your template (or in this case an array of structs), it will be converted to a String for printing - in this context that will be escaped. So it is not doing what you expect for that reason.

If instead you want to provide unescaped content, perhaps add a function to your struct which returns the content you want as a JSStr type - don't attempt to use the printing of structs using String - instead use the JSStr type. Here is an example:

https://play.golang.org/p/WbJBt7AbUa

This sort of question is probably more suited to stackoverflow (at least until you're very sure there is a bug). If not a bug you should close this issue.

@justinclift
Copy link
Author

Ahh sorry. I was pretty sure it was a bug. 😄

@golang golang locked and limited conversation to collaborators Sep 22, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kennygrant @justinclift @gopherbot