mirror of
https://github.com/gohugoio/hugo.git
synced 2024-05-11 05:54:58 +00:00
1.2 KiB
1.2 KiB
title, description, godocref, date, publishdate, lastmod, categories, menu, keywords, signature, workson, hugoversion, relatedfuncs, deprecated, draft, aliases
| title | description | godocref | date | publishdate | lastmod | categories | menu | keywords | signature | workson | hugoversion | relatedfuncs | deprecated | draft | aliases | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| safeJS | Declares the provided string as a known safe JavaScript string. | https://golang.org/src/html/template/content.go?s=2548:2557#L51 | 2017-02-01 | 2017-02-01 | 2017-02-01 |
|
|
|
|
false | false |
In this context, safe means the string encapsulates a known safe EcmaScript5 Expression (e.g., (x + y * z())).
Template authors are responsible for ensuring that typed expressions do not break the intended precedence and that there is no statement/expression ambiguity as when passing an expression like { foo:bar() }\n['foo'](), which is both a valid expression and a valid program with a very different meaning.
Example: Given hash = "619c16f" defined in the front matter of your .md file:
<script>var form_{{ .Params.hash | safeJS }};…</script>→<script>var form_619c16f;…</script><script>var form_{{ .Params.hash }};…</script>→<script>var form_"619c16f";…</script>