go

GO HTMLEscape的用法是什么

小亿
76
2023-10-22 07:48:57
栏目: 编程语言

The HTMLEscape function is used to escape special characters in a given string so that they can be safely displayed in HTML. It is commonly used to prevent HTML injection and to ensure that user-generated content is properly rendered.

The function replaces the special characters with their corresponding HTML entities. For example, the less-than symbol “<” is replaced with “<”, the greater-than symbol “>” is replaced with “>”, and the ampersand symbol “&” is replaced with “&”.

Here is an example usage of the HTMLEscape function in Go:

package main

import (
	"fmt"
	"html"
)

func main() {
	str := "<script>alert('Hello, World!');</script>"
	escapedStr := html.EscapeString(str)
	fmt.Println(escapedStr)
}

Output:

<script>alert(&#39;Hello, World!&#39;);</script>

In the above example, the html.EscapeString() function is used to escape the special characters in the given string "<script>alert('Hello, World!');</script>". The result is then printed, showing the escaped version of the string that can be safely displayed in HTML without executing any scripts.

0
看了该问题的人还看了