Use html/template, not text/template #41
Comments
|
There is some benefit of using text/template, like controlling white space when the body (or subject) is plain text. I can see this being really helpful on the subject, where you could have complex conditionals but every square inch is important. Example from the docs.
This also could be a breaking change if someone used html and used {{23 -}}. In HTML all extra white space becomes one, so it really is not needed. However, it will fail if left in with this change. |
echlebek
added a commit
that referenced
this issue
Mar 25, 2020
Fixes #41 Use html/template if email body is HTML Otherwise, use text/template
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We should be using the
html/templatepackage, nottext/template, for working with templated HTML. Thehtml/templatepackage sanitizes its inputs.This is a security issue; without
html/template, malicious input can be injected into the email message.See https://golang.org/pkg/html/template/
The text was updated successfully, but these errors were encountered: