1--- 2title: safeHTML 3# linktitle: 4description: Declares a provided string as a "safe" HTML document to avoid escaping by Go templates. 5date: 2017-02-01 6publishdate: 2017-02-01 7lastmod: 2017-02-01 8categories: [functions] 9menu: 10 docs: 11 parent: "functions" 12keywords: [strings] 13signature: ["safeHTML INPUT"] 14workson: [] 15hugoversion: 16relatedfuncs: [] 17deprecated: false 18--- 19 20It should not be used for HTML from a third-party, or HTML with unclosed tags or comments. 21 22Given a site-wide [`config.toml`][config] with the following `copyright` value: 23 24{{< code-toggle file="config" >}} 25copyright = "© 2015 Jane Doe. <a href=\"https://creativecommons.org/licenses/by/4.0/\">Some rights reserved</a>." 26{{< /code-toggle >}} 27 28`{{ .Site.Copyright | safeHTML }}` in a template would then output: 29 30``` 31© 2015 Jane Doe. <a href="https://creativecommons.org/licenses/by/4.0/">Some rights reserved</a>. 32``` 33 34However, without the `safeHTML` function, html/template assumes `.Site.Copyright` to be unsafe and therefore escapes all HTML tags and renders the whole string as plain text: 35 36``` 37<p>© 2015 Jane Doe. <a href="https://creativecommons.org/licenses by/4.0/">Some rights reserved</a>.</p> 38``` 39 40[config]: /getting-started/configuration/ 41