qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-22 04:34:39 -07:00
Code Releases Activity

html/template: doc nit

Browse Source 
Execute's data is untrusted regardless of package.

R=golang-dev, gri
CC=golang-dev
https://golang.org/cl/5797062
This commit is contained in:
Russ Cox 2012-03-12 14:26:10 -04:00
parent b23b001bd2
commit 4084f08401
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/pkg/html/template/doc.go
View File

@ -29,7 +29,7 @@ can be safely embedded in an HTML document. The escaping is contextual, so
actions can appear within JavaScript, CSS, and URI contexts. actions can appear within JavaScript, CSS, and URI contexts.
The security model used by this package assumes that template authors are The security model used by this package assumes that template authors are
trusted, while text/template Execute's data parameter is not. More details are trusted, while Execute's data parameter is not. More details are
provided below. provided below.
Example Example