transform.XMLEscape - Hugo

The transform.XMLEscape function removes disallowed characters as defined in the XML specification, then escapes the result by replacing the following characters with HTML entities:

" → "
' → '
& → &
< → <
> → >
\t → 	
\n → 

\r →

For example:

go-html-template

{{ transform.XMLEscape "<p>abc</p>" }} → &lt;p&gt;abc&lt;/p&gt;

When using transform.XMLEscape in a template rendered by Go's html/template package, declare the string to be safe HTML to avoid double escaping. For example, in an RSS template:

xml

<description>{{ .Summary | transform.XMLEscape | safeHTML }}</description>