dplo59755 2018-05-18 09:48
浏览 324
已采纳

使用go模板解析显示为纯文本的页面中的HTML代码

I've started using the Go language, and am now trying to create an HTML page. I am quite new to both coding in Go and HTML.

In the Go program I'm trying to parse a HTML page (div) into a main html page (index.html) I'm trying to add this div to the main html page using a template in Go.

The html page where I'm trying to parse the data into looks like this:

<html>
<head>
    <meta charset="utf-8">
    <title>SmartHomePi Status</title>
    <link rel="stylesheet" href="../static/css/style.css">
</head>
<body>
    <h1>HomeControl Connection Status</h1>
    <div id="wrapper" width="100%">
        {{.SonoffBasic}}
    </div>
</body>

the {{.SonoffBasic}} part is the part where I'm trying to add my div. The div I'm trying to add looks like this:

<div id="sonoffbasicdevice">
    <span class="%connectiondotclass%"></span>
    <p id="title">%title%</p>
    <p id="tempandhum">%humstatus%</p>
    <p id="ipaddress">%ipaddress%</p>
    <p id="portnumber">%portnumber%</p>
</div>

All value's with %xxx% are parsed in go to contain useful information, and all goes correct.

But now I'm trying to parse those 2 together using a Template in Go, and here seems to go something wrong.

I'm doing that with the following function in Go:

func renderHomeKitTemplate(w http.ResponseWriter, tmpl string, items *WebPageHTMLItems) {
    err := templates.ExecuteTemplate(w, "index.html", items)
}

Where the variable items is a struct looking like this:

type WebPageHTMLItems struct{
    SonoffBasic  string
}

where theSonoffBasic string contains the div with all filled in information.

The webpage can be viewed when I run the program, but when the webpage is shown, instead of parsing the div, it is shown as plain text, what am I doing wrong in here? HTML code shown as text

Is this even the correct way to parse the data into the HTML file. The reason why I'm using this way of adding a complete div, is because I can have multiple "sonoffbasicdevice" items and should add multiple of them.

  • 写回答

1条回答 默认 最新

  • douying0108 2018-05-18 11:18
    关注

    Using template.HTML

    html/template provides automatic, context-sensitive escaping safe against code injection:

    HTML templates treat data values as plain text which should be encoded so they can be safely embedded in an HTML document. The escaping is contextual, so actions can appear within JavaScript, CSS, and URI contexts.

    There is a special type in the html/template package: template.HTML. Values of this type in the template are not escaped when the template is rendered.

    So change the type of WebPageHTMLItems.SonoffBasic to template.HTML and it will be rendered as-is:

    type WebPageHTMLItems struct{
    SonoffBasic template.HTML
}

    template.HTML has string as its underlying type, so to set this field from a string value, use a simple type conversion:

    params := &WebPageHTMLItems{
    SonoffBasic: template.HTML("<div>...</div>"),
}

    Word of warning: this will not protect against code injection! So for example when you substitute %title% and it contains JavaScript code, that will be let through to the output and finally executed in the clients' browsers.

    Using the {{template}} action

    Also note that you may define you <div> as a separate, named template, and just use the {{template}} action to include it in your page, something like this:

    {{define "sonoffbasicdevice"}}
    <div id="sonoffbasicdevice">
        <span class="%connectiondotclass%"></span>
        <p id="title">%title%</p>
        <p id="tempandhum">%humstatus%</p>
        <p id="ipaddress">%ipaddress%</p>
        <p id="portnumber">%portnumber%</p>
    </div>
{{end}}

    And in your page template:

    <div id="wrapper" width="100%">
    {{template "sonoffbasicdevice"}}
</div>

    Also note that to be on the completely safe side here, you may also make and pass params to your sonoffbasicdevice template like to any other, and let the html/template package take care of safe, context sensitive substitution:

    {{define "sonoffbasicdevice"}}
    <div id="sonoffbasicdevice">
        <span class="{{.Connectiondotclass}}"></span>
        <p id="title">{{.Title}}</p>
        <p id="tempandhum">{{.Humstatus}}</p>
        <p id="ipaddress">{{.Ipaddress}}</p>
        <p id="portnumber">{{.Portnumber}}</p>
    </div>
{{end}}

    Then you have to include it like this (to pass params intended for it):

    <div id="wrapper" width="100%">
    {{template "sonoffbasicdevice" .SonoffBasic}}
</div>

    Execution of this "multi-template" could look like this:

    type SonoffBasic struct {
    Connectiondotclass string
    Title              string
    Humstatus          string
    Ipaddress          string
    Portnumber         string
}

type WebPageHTMLItems struct{
    SonoffBasic *SonoffBasic
}

params := &WebPageHTMLItems{
    SonoffBasic: &SonoffBasic{
        Connectiondotclass: "someclass",
        Title:              "sometitle",
        Humstatus:          "somestatus",
        Ipaddress:          "someip",
        Portnumber:         "someport",
    },
}

err := templates.ExecuteTemplate(w, "index.html", params)
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 stm32流水灯+呼吸灯+外部中断按键
  • ¥15 将二维数组,按照假设的规定,如0/1/0 == "4",把对应列位置写成一个字符并打印输出该字符
  • ¥15 NX MCD仿真与博途通讯不了啥情况
  • ¥15 win11家庭中文版安装docker遇到Hyper-V启用失败解决办法整理
  • ¥15 gradio的web端页面格式不对的问题
  • ¥15 求大家看看Nonce如何配置
  • ¥15 Matlab怎么求解含参的二重积分?
  • ¥15 苹果手机突然连不上wifi了?
  • ¥15 cgictest.cgi文件无法访问
  • ¥20 删除和修改功能无法调用