-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Escape ampersand and single quote? #3
Comments
quicktemplate should escape single quotes - see the corresponding code and this test. Could you provide a short |
Ooops, you are correct. Thanks for the quick response and sorry for wasting your time. On 2nd glance, looks like the html package also remaps Test:
|
Yes! Fixed it! |
Looks like the escaper in the html package escapes single quotes:
https://golang.org/src/html/escape.go?s=3992:4005#L172
It appears that quicktemplate does not. Is that safe?
The text was updated successfully, but these errors were encountered: