tpl/tplimpl: Escape Markdown attributes in render hooks and shortcodes

Joe Mooring
2024-12-04 14:01:31 -08:00
committed by Bjørn Erik Pedersen
parent b8c15f245b
commit 54398f8d57
7 changed files with 74 additions and 68 deletions

@@ -89,6 +89,12 @@ title = true
| Codecademy Hoodie | False | 42.99 |
{.foo}
## Table 2
a|b
---|---
1|2
{id="\"><script>alert()</script>"}
-- layouts/_default/single.html --
Summary: {{ .Summary }}
@@ -97,7 +103,8 @@ Content: {{ .Content }}
`
b := hugolib.Test(t, files)
b.AssertFileContent("public/p1/index.html", "<table class=\"foo\">")
b.AssertFileContent("public/p1/index.html", `<table class="foo">`)
b.AssertFileContent("public/p1/index.html", `<table id="&#34;&gt;&lt;script&gt;alert()&lt;/script&gt;">`)
}
// Issue 12811.
@@ -166,14 +173,8 @@ title: "Home"
| Codecademy Tee | False | 19.99 |
| Codecademy Hoodie | False | 42.99 |
-- layouts/index.xml --
Content: {{ .Content }}
`
b := hugolib.Test(t, files)