Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrStringUntrusted = errors.New("cannot provide trust level")
ErrStringUntrusted signifies that a SafeString's StringTrust level was insufficient in some context. (Check with errors.Is, not with ==.)
Functions ¶
Types ¶
type Attribute ¶
type Attribute struct {
// contains filtered or unexported fields
}
func EscapeAttribute ¶
func (Attribute) Check ¶
func (Attribute) Check(required TrustLevel) bool
type HTML ¶
type HTML struct {
// contains filtered or unexported fields
}
func EscapeHTML ¶
func (HTML) Check ¶
func (HTML) Check(required TrustLevel) bool
type String ¶
type String interface { fmt.Stringer Check(required TrustLevel) bool // contains filtered or unexported methods }
func Bless ¶
func Bless(level TrustLevel, s string) String
type Text ¶
type Text struct {
// contains filtered or unexported fields
}
func EscapeText ¶
func (Text) Check ¶
func (Text) Check(required TrustLevel) bool
type TrustLevel ¶
type TrustLevel int16
TrustLevel specifies the level of trust in a string value, by its origin or construction.
const ( // Must not appear in the page. Untrusted TrustLevel = iota // Safe to insert as HTML. HTMLSafe // Safe to insert as text (no HTML tags present). TextSafe // Safe to insert into url attributes (such as href). URLSafe // Safe to insert into most attributes. AttributeSafe // Assumed, by origin, safe in any context. FullyTrusted Default = Untrusted )
Different StringTrust levels. The order is not significant, except Untrusted, which should always be the zero value.
func Max ¶
func Max(x, y TrustLevel) TrustLevel
func (TrustLevel) String ¶
func (l TrustLevel) String() string
type URL ¶
type URL struct {
// contains filtered or unexported fields
}
func (URL) Check ¶
func (URL) Check(required TrustLevel) bool
type UntrustedString ¶
type UntrustedString string
func (UntrustedString) Check ¶
func (UntrustedString) Check(required TrustLevel) bool
func (UntrustedString) String ¶
func (r UntrustedString) String() string
Click to show internal directories.
Click to hide internal directories.