diff options
author | Alberto Donizetti <alb.donizetti@gmail.com> | 2017-06-14 11:55:05 +0200 |
---|---|---|
committer | Brad Fitzpatrick <bradfitz@golang.org> | 2017-06-14 16:44:14 +0000 |
commit | 2c3c8c4247f84f53533dc61f606bbde09f783cdf (patch) | |
tree | 85751aadb2b5468bbcd4ef1f99c86e1c84e0bd4c | |
parent | b067ad939d9ba242c5c3bdd8a24220632311c6be (diff) | |
download | go-2c3c8c4247f84f53533dc61f606bbde09f783cdf.tar.gz go-2c3c8c4247f84f53533dc61f606bbde09f783cdf.zip |
doc: list html/template and text/template changes in 1.9 relnotes
Updates #20587
Change-Id: I3d65a0124157990b302db8879ee1a4941124ea11
Reviewed-on: https://go-review.googlesource.com/45730
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-rw-r--r-- | doc/go1.9.html | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/doc/go1.9.html b/doc/go1.9.html index 3c2a1ce8fd..51aa1f071f 100644 --- a/doc/go1.9.html +++ b/doc/go1.9.html @@ -377,12 +377,11 @@ type T1 = T2 <dl id="html/template"><dt><a href="/pkg/html/template/">html/template</a></dt> <dd> - <p><!-- CL 37880 --> - TODO: <a href="https://golang.org/cl/37880">https://golang.org/cl/37880</a>: panic if predefined escapers are found in pipelines during rewriting - </p> - - <p><!-- CL 40936 --> - TODO: <a href="https://golang.org/cl/40936">https://golang.org/cl/40936</a>: allow safe usage of predefined escapers in pipelines + <p><!-- CL 37880, CL 40936 --> + The package now reports an error if a predefined escaper (one of + "html", "urlquery" and "js") is found in a pipeline and its + rewriting by the contextual auto-escaper could potentially lead + to security or correctness issues. </p> </dl><!-- html/template --> @@ -717,7 +716,9 @@ type T1 = T2 <dl id="text/template"><dt><a href="/pkg/text/template/">text/template</a></dt> <dd> <p><!-- CL 38420 --> - TODO: <a href="https://golang.org/cl/38420">https://golang.org/cl/38420</a>: fix handling of empty blocks + The handling of empty blocks, which was broken by a Go 1.8 + change that made the result dependent on the order of templates, + has been fixed, restoring the old Go 1.7 behavior. </p> </dl><!-- text/template --> |