英文:
Parsing unescaped HTML to HTML template in Go
问题
我已经为测试创建了这个非常简单的程序。
package main
import (
"fmt"
"github.com/microcosm-cc/bluemonday"
"github.com/pressly/chi"
"github.com/russross/blackfriday"
"github.com/unrolled/render"
"net/http"
)
func main() {
r := chi.NewRouter()
r.Get("/", homepageGET)
http.ListenAndServe(":8080", r)
}
func homepageGET(w http.ResponseWriter, r *http.Request) {
Renderer := render.New(render.Options{
Directory: "frontend",
Extensions: []string{".tmpl", ".html"},
UnEscapeHTML: true,
})
unsafe := blackfriday.MarkdownCommon([]byte("**bolded text**"))
markdownContent := bluemonday.UGCPolicy().SanitizeBytes(unsafe)
fmt.Print(string(markdownContent))
Renderer.HTML(w, http.StatusOK, "index", map[string]interface{}{
"content": fmt.Sprintf(string(markdownContent))})
}
然后,我有一个只包含以下内容的HTML文件:
<body>
{{ .content }}
</body>
fmt.Print命令打印出"<p><strong>bolded text</strong></p>",但它被插入到HTML页面中为"<p><strong>bolded text</strong></p>"。
我认为这与转义的HTML有关,但对于unrolled/render包,我将其配置为不转义。我非常感谢任何帮助使测试程序正常工作(最好与unrolled/render一起)。
英文:
I have created this really simple program for testing.
package main
import (
"fmt"
"github.com/microcosm-cc/bluemonday"
"github.com/pressly/chi"
"github.com/russross/blackfriday"
"github.com/unrolled/render"
"net/http"
)
func main() {
r := chi.NewRouter()
r.Get("/", homepageGET)
http.ListenAndServe(":8080", r)
}
func homepageGET(w http.ResponseWriter, r *http.Request) {
Renderer := render.New(render.Options{
Directory: "frontend",
Extensions: []string{".tmpl", ".html"},
UnEscapeHTML: true,
})
unsafe := blackfriday.MarkdownCommon([]byte("**bolded text**"))
markdownContent := bluemonday.UGCPolicy().SanitizeBytes(unsafe)
fmt.Print(string(markdownContent))
Renderer.HTML(w, http.StatusOK, "index", map[string]interface{}{
"content": fmt.Sprintf(string(markdownContent))})
}
And then I have a HTML file containing nothing besides:
<body>
{{ .content }}
</body>
The fmt.Print command prints "<p><strong>bolded text</strong></p>", whereas it's inserted into the HTML page as: "&lt;p&gt;&lt;strong&gt;bolded text&lt;/strong&gt;&lt;/p&gt;".
I believe it is related to escaped HTML, but for the unrolled/render package I configure it as unescaped.. I'd greatly appreciate any help getting the test program working (preferably together with unrolled/render).
答案1
得分: 10
在Go语言中,你可以将已知安全的HTML字符串转换为template.HTML类型,并且由于unrolled/render使用Go的html/template来渲染HTML,所以你应该只需要使用这个。
Renderer.HTML(w, http.StatusOK, "index", map[string]interface{}{
"content": template.HTML(markdownContent),
})
英文:
In Go you can convert known safe html strings to the template.HTML type, and since unrolled/render uses Go's html/template to render html you should be able to use just that.
Renderer.HTML(w, http.StatusOK, "index", map[string]interface{}{
"content": template.HTML(markdownContent),
})
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论