Documentation
¶
Overview ¶
Package htmlutil provides safe HTML element construction and rendering.
Index ¶
- func AddNonce(el *Element, length uint8) (string, error)
- func ComputeContentSha256(el *Element) (string, error)
- func RenderElement(el *Element) (template.HTML, error)
- func RenderElementToBuilder(el *Element, b *strings.Builder) error
- func RenderModuleScriptToBuilder(src string, b *strings.Builder) error
- func SetSha256Integrity(el *Element, external_hash string) (string, error)
- type Element
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ComputeContentSha256 ¶
ComputeContentSha256 returns the base64-encoded SHA-256 hash of the element's DangerousInnerHTML content.
func RenderElement ¶
RenderElement renders an element to template.HTML.
func RenderElementToBuilder ¶
RenderElementToBuilder renders an element into the provided builder.
func RenderModuleScriptToBuilder ¶
RenderModuleScriptToBuilder renders a <script type="module"> tag.
Types ¶
type Element ¶
type Element struct {
Tag string `json:"tag,omitempty"`
Attributes map[string]string `json:"attributes,omitempty"`
AttributesKnownSafe map[string]string `json:"attributesKnownSafe,omitempty"`
BooleanAttributes []string `json:"booleanAttributes,omitempty"`
TextContent string `json:"textContent,omitempty"`
DangerousInnerHTML string `json:"dangerousInnerHTML,omitempty"`
SelfClosing bool `json:"-"`
}
Element represents a single HTML element with attributes and content.
func EscapeIntoTrusted ¶
EscapeIntoTrusted returns a copy of el with all attributes escaped and merged into AttributesKnownSafe, and TextContent escaped into DangerousInnerHTML. The result is safe for rendering without further escaping.
Source Files
Click to show internal directories.
Click to hide internal directories.