doc: Escape HTML comments properly

This commit is contained in:
Hajime Hoshi 2015-02-02 02:34:01 +09:00
parent 5f9eea5e6c
commit 2132925b88

View File

@ -83,7 +83,23 @@ func init() {
} }
func comment(text string) template.HTML { func comment(text string) template.HTML {
// TODO: text should be escaped // http://www.w3.org/TR/html-markup/syntax.html#comments
// The text part of comments has the following restrictions:
// * must not start with a ">" character
// * must not start with the string "->"
// * must not contain the string "--"
// * must not end with a "-" character
for strings.HasPrefix(text, ">") {
text = text[1:]
}
for strings.HasPrefix(text, "->") {
text = text[2:]
}
text = strings.Replace(text, "--", "", -1)
for strings.HasSuffix(text, "-") {
text = text[:len(text)-1]
}
return template.HTML("<!--\n" + text + "\n-->") return template.HTML("<!--\n" + text + "\n-->")
} }