html/template: minor tweak to docs to improve HTML typography.

R=golang-dev, r CC=golang-dev https://golang.org/cl/5684046
2024-11-21 23:14:40 -07:00 · 2012-02-20 11:43:34 +11:00 · 2012-02-20 11:43:34 +11:00 · bcb7a85334
commit bcb7a85334
parent 463009ff06
1 changed files with 3 additions and 3 deletions
--- a/src/pkg/html/template/doc.go
+++ b/src/pkg/html/template/doc.go
@ -172,18 +172,18 @@ This package assumes that template authors are trusted, that Execute's data
 parameter is not, and seeks to preserve the properties below in the face
 of untrusted data:

-Structure Preservation Property
+Structure Preservation Property:
 "... when a template author writes an HTML tag in a safe templating language,
 the browser will interpret the corresponding portion of the output as a tag
 regardless of the values of untrusted data, and similarly for other structures
 such as attribute boundaries and JS and CSS string boundaries."

-Code Effect Property
+Code Effect Property:
 "... only code specified by the template author should run as a result of
 injecting the template output into a page and all code specified by the
 template author should run as a result of the same."

-Least Surprise Property
+Least Surprise Property:
 "A developer (or code reviewer) familiar with HTML, CSS, and JavaScript, who
 knows that contextual autoescaping happens should be able to look at a {{.}}
 and correctly infer what sanitization happens."