Skip to content

G
golang
Commit 467c726e authored by Robert Griesemer's avatar Robert Griesemer
Browse files
Options

add " and ' to list of html-escaped chars 

R=rsc
http://go/go-review/1017025
parent 796e29eb
Show whitespace changes
Inline Side-by-side
Showing with 19 additions and 10 deletions
src/pkg/template/format.go
View file @ 467c726e
......@@ -21,29 +21,38 @@ func StringFormatter(w io.Writer, value interface{}, format string) {
fmt.Fprint(w, value);
}
var esc_amp = strings.Bytes("&")
var esc_lt = strings.Bytes("<")
var esc_gt = strings.Bytes(">")
var (
esc_quot = strings.Bytes("""); // shorter than """
esc_apos = strings.Bytes("'"); // shorter than "'"
esc_amp = strings.Bytes("&");
esc_lt = strings.Bytes("<");
esc_gt = strings.Bytes(">");
)
// HtmlEscape writes to w the properly escaped HTML equivalent
// of the plain text data s.
func HtmlEscape(w io.Writer, s []byte) {
var esc []byte;
last := 0;
for i, c := range s {
if c == '&' || c == '<' || c == '>' {
w.Write(s[last:i]);
switch c {
case '"':
esc = esc_quot;
case '\'':
esc = esc_apos;
case '&':
w.Write(esc_amp);
esc = esc_amp;
case '<':
w.Write(esc_lt);
esc = esc_lt;
case '>':
w.Write(esc_gt);
esc = esc_gt;
default:
continue;
}
w.Write(s[last:i]);
w.Write(esc);
last = i+1;
}
}
w.Write(s[last:len(s)]);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment