// Copyright 2011 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package template import ( "fmt" "text/template/parse" ) // Error describes a problem encountered during template Escaping. type Error struct { // ErrorCode describes the kind of error. ErrorCode ErrorCode // Node is the node that caused the problem, if known. // If not nil, it overrides Name and Line. Node parse.Node // Name is the name of the template in which the error was encountered. Name string // Line is the line number of the error in the template source or 0. Line int // Description is a human-readable description of the problem. Description string } // ErrorCode is a code for a kind of error. type ErrorCode int // We define codes for each error that manifests while escaping templates, but // escaped templates may also fail at runtime. // // Output: "ZgotmplZ" // Example: // // where {{.X}} evaluates to `javascript:...` // Discussion: // "ZgotmplZ" is a special value that indicates that unsafe content reached a // CSS or URL context at runtime. The output of the example will be // // If the data comes from a trusted source, use content types to exempt it // from filtering: URL(`javascript:...`). const ( // OK indicates the lack of an error. OK ErrorCode = iota // ErrAmbigContext: "... appears in an ambiguous context within a URL" // Example: // // Discussion: // {{.X}} is in an ambiguous URL context since, depending on {{.C}}, // it may be either a URL suffix or a query parameter. // Moving {{.X}} into the condition removes the ambiguity: // ErrAmbigContext // ErrBadHTML: "expected space, attr name, or end of tag, but got ...", // "... in unquoted attr", "... in attribute name" // Example: // // //
//
{{end}} // {{define "attrs"}}href="{{.URL}}"{{end}} // Discussion: // Package html/template looks through template calls to compute the // context. // Here the {{.URL}} in "attrs" must be treated as a URL when called // from "main", but you will get this error if "attrs" is not defined // when "main" is parsed. ErrNoSuchTemplate // ErrOutputContext: "cannot compute output context for template ..." // Examples: // {{define "t"}}{{if .T}}{{template "t" .T}}{{end}}{{.H}}",{{end}} // Discussion: // A recursive template does not end in the same context in which it // starts, and a reliable output context cannot be computed. // Look for typos in the named template. // If the template should not be called in the named start context, // look for calls to that template in unexpected contexts. // Maybe refactor recursive templates to not be recursive. ErrOutputContext // ErrPartialCharset: "unfinished JS regexp charset in ..." // Example: // // Discussion: // Package html/template does not support interpolation into regular // expression literal character sets. ErrPartialCharset // ErrPartialEscape: "unfinished escape sequence in ..." // Example: // // Discussion: // Package html/template does not support actions following a // backslash. // This is usually an error and there are better solutions; for // example // // should work, and if {{.X}} is a partial escape sequence such as // "xA0", mark the whole sequence as safe content: JSStr(`\xA0`) ErrPartialEscape // ErrRangeLoopReentry: "on range loop re-entry: ..." // Example: // // Discussion: // If an iteration through a range would cause it to end in a // different context than an earlier pass, there is no single context. // In the example, there is missing a quote, so it is not clear // whether {{.}} is meant to be inside a JS string or in a JS value // context. The second iteration would produce something like // // ErrRangeLoopReentry // ErrSlashAmbig: '/' could start a division or regexp. // Example: // // Discussion: // The example above could produce `var x = 1/-2/i.test(s)...` // in which the first '/' is a mathematical division operator or it // could produce `/-2/i.test(s)` in which the first '/' starts a // regexp literal. // Look for missing semicolons inside branches, and maybe add // parentheses to make it clear which interpretation you intend. ErrSlashAmbig // ErrPredefinedEscaper: "predefined escaper ... disallowed in template" // Example: //
Hello
// Discussion: // Package html/template already contextually escapes all pipelines to // produce HTML output safe against code injection. Manually escaping // pipeline output using the predefined escapers "html" or "urlquery" is // unnecessary, and may affect the correctness or safety of the escaped // pipeline output in Go 1.8 and earlier. // // In most cases, such as the given example, this error can be resolved by // simply removing the predefined escaper from the pipeline and letting the // contextual autoescaper handle the escaping of the pipeline. In other // instances, where the predefined escaper occurs in the middle of a // pipeline where subsequent commands expect escaped input, e.g. // {{.X | html | makeALink}} // where makeALink does // return `link` // consider refactoring the surrounding template to make use of the // contextual autoescaper, i.e. // link // // To ease migration to Go 1.9 and beyond, "html" and "urlquery" will // continue to be allowed as the last command in a pipeline. However, if the // pipeline occurs in an unquoted attribute value context, "html" is // disallowed. Avoid using "html" and "urlquery" entirely in new templates. ErrPredefinedEscaper ) func (e *Error) Error() string { switch { case e.Node != nil: loc, _ := (*parse.Tree)(nil).ErrorContext(e.Node) return fmt.Sprintf("html/template:%s: %s", loc, e.Description) case e.Line != 0: return fmt.Sprintf("html/template:%s:%d: %s", e.Name, e.Line, e.Description) case e.Name != "": return fmt.Sprintf("html/template:%s: %s", e.Name, e.Description) } return "html/template: " + e.Description } // errorf creates an error given a format string f and args. // The template Name still needs to be supplied. func errorf(k ErrorCode, node parse.Node, line int, f string, args ...interface{}) *Error { return &Error{k, node, "", line, fmt.Sprintf(f, args...)} }