On Fri, Nov 11, 2016, at 09:21 AM, Marvin Renich wrote:

> the Execute method escapes the first character ('<' in "<?xml") to be
> "&lt;".  This seems wrong to me, both logically and according to the
> documentation, which states in the fourth paragraph under Overview for
> text/template:
> 
>   all text outside actions is copied to the output unchanged.
> 
> Templates are assumed to be written by trusted authors, and don't need
> sanitizing; only the substitution data needs escaping.
> 
> I don't have a github account.  If nobody disagrees that this is a bug,
> will someone please file an issue?


html/template is only designed for use with html output. It understands
the html model and sanitizes the template according to the those rules.
You'll need to use text/template for xml.

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to