Skip to main content

transform.XMLEscape

The transform.XMLEscape function removes disallowed characters as defined in the XML specification, then escapes the result by replacing the following characters with HTML entities:

  • " → "
  • ' → '
  • & → &
  • < → &lt;
  • > → &gt;
  • \t → &#x9;
  • \n → &#xA;
  • \r → &#xD;

For example:

{{ transform.XMLEscape "abc" }} → &lt;p&gt;abc&lt;/p&gt;

When using transform.XMLEscape in a template rendered by Go's html/template package, declare the string to be safe HTML to avoid double escaping. For example, in an RSS template: