4.3 review
This commit is contained in:
hongruiqi
17
4.3.md
17
4.3.md
@@ -33,6 +33,19 @@
|
||||
输出
|
||||
|
||||
Hello, <script>alert('you have been pwned')</script>!
|
||||
|
||||
或者使用template.HTML类型
|
||||
|
||||
import "html/template"
|
||||
...
|
||||
t, err := template.New("foo").Parse(`{{define "T"}}Hello, {{.}}!{{end}}`)
|
||||
err = t.ExecuteTemplate(out, "T", template.HTML("<script>alert('you have been pwned')</script>"))
|
||||
|
||||
输出
|
||||
|
||||
Hello, <script>alert('you have been pwned')</script>!
|
||||
|
||||
转换成template.HTML后,变量的内容也不会被转义
|
||||
|
||||
转义的例子:
|
||||
|
||||
@@ -45,7 +58,7 @@
|
||||
|
||||
Hello, <script>alert('you have been pwned')</script>!
|
||||
|
||||
|
||||
|
||||
|
||||
## links
|
||||
* [目录](<preface.md>)
|
||||
@@ -53,4 +66,4 @@
|
||||
* 下一节: [防止多次递交表单](<4.4.md>)
|
||||
|
||||
## LastModified
|
||||
* $Id$
|
||||
* $Id$
|
||||
|
||||
Reference in New Issue
Block a user