qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-23 05:00:07 -07:00
Code Releases Activity

html/template: update security model link

Browse Source 
Fixes #16148.

Change-Id: Ifab773e986b768602476824d005eea9200761236
Reviewed-on: https://go-review.googlesource.com/24327
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
This commit is contained in:
Ian Lance Taylor 2016-06-22 09:47:42 -07:00
parent b31ec5c564
commit bc3bcfd4e7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/html/template/doc.go
View File

@ -166,7 +166,7 @@ that would have been produced if {{.}} was a regular string.
Security Model
http://js-quasis-libraries-and-repl.googlecode.com/svn/trunk/safetemplate.html#problem_definition defines "safe" as used by this package.
https://rawgit.com/mikesamuel/sanitized-jquery-templates/trunk/safetemplate.html#problem_definition defines "safe" as used by this package.
This package assumes that template authors are trusted, that Execute's data
parameter is not, and seeks to preserve the properties below in the face