- About Hugo
- Getting Started
- Hugo Modules
-
Content Management
- Content Management Overview
- Organization
- Page Bundles
- Content Formats
- Front Matter
- Build Options
- Page Resources
- Image Processing
- Shortcodes
- Related Content
- Sections
- Content Types
- Archetypes
- Taxonomies
- Summaries
- Links and Cross References
- URL Management
- Menus
- Static Files
- Table of Contents
- Comments
- Multilingual and i18n
- Syntax Highlighting
-
Templates
- Templates Overview
- Introduction
- Template Lookup Order
- Custom Output Formats
- Base Templates and Blocks
- List Page Templates
- Homepage Template
- Section Templates
- Taxonomy Templates
- Single Page Templates
- Content View Templates
- Data Templates
- Partial Templates
- Shortcode Templates
- Local File Templates
- 404 Page
- Menu Templates
- Pagination
- RSS Templates
- Sitemap Template
- Robots.txt
- Internal Templates
- Alternative Templating
- Template Debugging
-
Functions
- Functions Quick Reference
- .AddDate
- .Format
- .Get
- .GetPage
- .HasMenuCurrent
- .IsMenuCurrent
- .Param
- .Render
- .RenderString
- .Scratch
- .Unix
- absLangURL
- absURL
- after
- anchorize
- append
- apply
- base64
- chomp
- complement
- cond
- countrunes
- countwords
- dateFormat
- default
- delimit
- dict
- echoParam
- emojify
- eq
- errorf and warnf
- fileExists
- findRE
- first
- float
- ge
- getenv
- group
- gt
- hasPrefix
- highlight
- hmac
- htmlEscape
- htmlUnescape
- hugo
- humanize
- i18n
- Image Functions
- in
- index
- int
- intersect
- isset
- jsonify
- lang.Merge
- lang.NumFmt
- last
- le
- len
- lower
- lt
- markdownify
- Math
- md5
- merge
- ne
- now
- os.Stat
- partialCached
- path.Base
- path.Dir
- path.Ext
- path.Join
- path.Split
- plainify
- pluralize
- printf
- println
- querify
- range
- readDir
- readFile
- ref
- reflect.IsMap
- reflect.IsSlice
- relLangURL
- relref
- relURL
- replace
- replaceRE
- safeCSS
- safeHTML
- safeHTMLAttr
- safeJS
- safeURL
- seq
- sha
- shuffle
- singularize
- site
- slice
- slicestr
- sort
- split
- string
- strings.Count
- strings.HasSuffix
- strings.Repeat
- strings.RuneCount
- strings.TrimLeft
- strings.TrimPrefix
- strings.TrimRight
- strings.TrimSuffix
- substr
- symdiff
- templates.Exists
- time
- title
- transform.Unmarshal
- trim
- truncate
- union
- uniq
- upper
- urlize
- urls.Parse
- where
- with
- Variables
- Hugo Pipes
- CLI
- Troubleshooting
- Tools
- Hosting & Deployment
- Contribute
- Maintenance
safeJS
Declares the provided string as a known safe JavaScript string.
Syntax
safeJS INPUT
In this context, safe means the string encapsulates a known safe EcmaScript5 Expression (e.g., (x + y * z())
).
Template authors are responsible for ensuring that typed expressions do not break the intended precedence and that there is no statement/expression ambiguity as when passing an expression like { foo:bar() }\n['foo']()
, which is both a valid expression and a valid program with a very different meaning.
Example: Given hash = "619c16f"
defined in the front matter of your .md
file:
<script>var form_{{ .Params.hash | safeJS }};…</script>
→<script>var form_619c16f;…</script>
<script>var form_{{ .Params.hash }};…</script>
→<script>var form_"619c16f";…</script>