Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

html: EscapeString(') should not be ' #3489

Closed
gopherbot opened this issue Apr 6, 2012 · 5 comments
Closed

html: EscapeString(') should not be ' #3489

gopherbot opened this issue Apr 6, 2012 · 5 comments

Comments

@gopherbot
Copy link

@gopherbot gopherbot commented Apr 6, 2012

by peterthrun@ymail.com:

What steps will reproduce the problem?

http://play.golang.org/p/uKNBC4VM8I

What is the expected output?

html.EscapeString("'") →   '
template.HTMLEscapeString("'") →  '

What do you see instead?

html.EscapeString("'") →  '
template.HTMLEscapeString("'") →  '

Please provide any additional information below.

The character entity reference ' is not defined by the HTML standard
(http://www.w3.org/TR/REC-html40/sgml/entities.html)

The text/template HTMLEscapeString function does the right thing.
@rsc
Copy link
Contributor

@rsc rsc commented Apr 6, 2012

Comment 1:

Oops.  Looks like apos was introduced in HTML5 (and XML)
but wasn't in earlier versions of HTML.
Thanks.

Owner changed to @nigeltao.

Status changed to Accepted.

Loading

@robpike
Copy link
Contributor

@robpike robpike commented Apr 7, 2012

Comment 2:

Labels changed: added priority-soon, removed priority-triage.

Loading

@gopherbot
Copy link
Author

@gopherbot gopherbot commented Apr 8, 2012

Comment 3 by peterthrun@ymail.com:

To prevent regressions, the comment at
http://golang.org/src/pkg/text/template/funcs.go#L249 should be updated to mention that
apos is not supported by older browsers.

Loading

@nigeltao
Copy link
Contributor

@nigeltao nigeltao commented Apr 11, 2012

Comment 4:

This issue was closed by revision 6277656.

Status changed to Fixed.

Loading

@nigeltao
Copy link
Contributor

@nigeltao nigeltao commented Apr 25, 2012

Comment 5:

This issue was closed by revision 105ef9366b53.

Loading

nigeltao added a commit that referenced this issue May 11, 2015
…, since IE8 and

««« backport a70135896879
html, exp/html: escape ' and " as ' and ", since IE8 and
below do not support '.

This makes package html consistent with package text/template's
HTMLEscape function.

Fixes #3489.

R=rsc, mikesamuel, dsymonds
CC=golang-dev
https://golang.org/cl/5992071
»»»
@golang golang locked and limited conversation to collaborators Jun 24, 2016
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants