GoThrough - package:html/template

template.ErrAmbigContext

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrAmbigContext: "... appears in an ambiguous context within a URL"
// Example:
//   <a href="
//      {{if .C}}
//        /path/
//      {{else}}
//        /search?q=
//      {{end}}
//      {{.X}}
//   ">
// Discussion:
//   {{.X}} is in an ambiguous URL context since, depending on {{.C}},
//  it may be either a URL suffix or a query parameter.
//   Moving {{.X}} into the condition removes the ambiguity:
//   <a href="{{if .C}}/path/{{.X}}{{else}}/search?q={{.X}}">
const ErrAmbigContext = iota

template.ErrBadHTML

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrBadHTML: "expected space, attr name, or end of tag, but got ...",
//   "... in unquoted attr", "... in attribute name"
// Example:
//   <a href = /search?q=foo>
//   <href=foo>
//   <form na<e=...>
//   <option selected<
// Discussion:
//   This is often due to a typo in an HTML element, but some runes
//   are banned in tag names, attribute names, and unquoted attribute
//   values because they can tickle parser ambiguities.
//   Quoting all attributes is the best policy.
const ErrBadHTML = iota

template.ErrBranchEnd

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrBranchEnd: "{{if}} branches end in different contexts"
// Example:
//   {{if .C}}<a href="{{end}}{{.X}}
// Discussion:
//   Package html/template statically examines each path through an
//   {{if}}, {{range}}, or {{with}} to escape any following pipelines.
//   The example is ambiguous since {{.X}} might be an HTML text node,
//   or a URL prefix in an HTML attribute. The context of {{.X}} is
//   used to figure out how to escape it, but that context depends on
//   the run-time value of {{.C}} which is not statically known.
// 
//   The problem is usually something like missing quotes or angle
//   brackets, or can be avoided by refactoring to put the two contexts
//   into different branches of an if, range or with. If the problem
//   is in a {{range}} over a collection that should never be empty,
//   adding a dummy {{else}} can help.
const ErrBranchEnd = iota

template.ErrEndContext

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrEndContext: "... ends in a non-text context: ..."
// Examples:
//   <div
//   <div title="no close quote>
//   <script>f()
// Discussion:
//   Executed templates should produce a DocumentFragment of HTML.
//   Templates that end without closing tags will trigger this error.
//   Templates that should not be used in an HTML context or that
//   produce incomplete Fragments should not be executed directly.
// 
//   {{define "main"}} <script>{{template "helper"}}</script> {{end}}
//   {{define "helper"}} document.write(' <div title=" ') {{end}}
// 
//   "helper" does not produce a valid document fragment, so should
//   not be Executed directly.
const ErrEndContext = iota

template.ErrNoSuchTemplate

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrNoSuchTemplate: "no such template ..."
// Examples:
//   {{define "main"}}<div {{template "attrs"}}>{{end}}
//   {{define "attrs"}}href="{{.URL}}"{{end}}
// Discussion:
//   Package html/template looks through template calls to compute the
//   context.
//   Here the {{.URL}} in "attrs" must be treated as a URL when called
//   from "main", but you will get this error if "attrs" is not defined
//   when "main" is parsed.
const ErrNoSuchTemplate = iota

template.ErrOutputContext

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrOutputContext: "cannot compute output context for template ..."
// Examples:
//   {{define "t"}}{{if .T}}{{template "t" .T}}{{end}}{{.H}}",{{end}}
// Discussion:
//   A recursive template does not end in the same context in which it
//   starts, and a reliable output context cannot be computed.
//   Look for typos in the named template.
//   If the template should not be called in the named start context,
//   look for calls to that template in unexpected contexts.
//   Maybe refactor recursive templates to not be recursive.
const ErrOutputContext = iota

template.ErrPartialCharset

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrPartialCharset: "unfinished JS regexp charset in ..."
// Example:
//     <script>var pattern = /foo[{{.Chars}}]/</script>
// Discussion:
//   Package html/template does not support interpolation into regular
//   expression literal character sets.
const ErrPartialCharset = iota

template.ErrPartialEscape

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrPartialEscape: "unfinished escape sequence in ..."
// Example:
//   <script>alert("\{{.X}}")</script>
// Discussion:
//   Package html/template does not support actions following a
//   backslash.
//   This is usually an error and there are better solutions; for
//   example
//     <script>alert("{{.X}}")</script>
//   should work, and if {{.X}} is a partial escape sequence such as
//   "xA0", mark the whole sequence as safe content: JSStr(`\xA0`)
const ErrPartialEscape = iota

template.ErrPredefinedEscaper

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrPredefinedEscaper: "predefined escaper ... disallowed in template"
// Example:
//   <div class={{. | html}}>Hello<div>
// Discussion:
//   Package html/template already contextually escapes all pipelines to
//   produce HTML output safe against code injection. Manually escaping
//   pipeline output using the predefined escapers "html" or "urlquery" is
//   unnecessary, and may affect the correctness or safety of the escaped
//   pipeline output in Go 1.8 and earlier.
// 
//   In most cases, such as the given example, this error can be resolved by
//   simply removing the predefined escaper from the pipeline and letting the
//   contextual autoescaper handle the escaping of the pipeline. In other
//   instances, where the predefined escaper occurs in the middle of a
//   pipeline where subsequent commands expect escaped input, e.g.
//     {{.X | html | makeALink}}
//   where makeALink does
//     return `<a href="`+input+`">link</a>`
//   consider refactoring the surrounding template to make use of the
//   contextual autoescaper, i.e.
//     <a href="{{.X}}">link</a>
// 
//   To ease migration to Go 1.9 and beyond, "html" and "urlquery" will
//   continue to be allowed as the last command in a pipeline. However, if the
//   pipeline occurs in an unquoted attribute value context, "html" is
//   disallowed. Avoid using "html" and "urlquery" entirely in new templates.
const ErrPredefinedEscaper = iota

template.ErrRangeLoopReentry

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrRangeLoopReentry: "on range loop re-entry: ..."
// Example:
//   <script>var x = [{{range .}}'{{.}},{{end}}]</script>
// Discussion:
//   If an iteration through a range would cause it to end in a
//   different context than an earlier pass, there is no single context.
//   In the example, there is missing a quote, so it is not clear
//   whether {{.}} is meant to be inside a JS string or in a JS value
//   context. The second iteration would produce something like
// 
//     <script>var x = ['firstValue,'secondValue]</script>
const ErrRangeLoopReentry = iota

template.ErrSlashAmbig

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// ErrSlashAmbig: '/' could start a division or regexp.
// Example:
//   <script>
//     {{if .C}}var x = 1{{end}}
//     /-{{.N}}/i.test(x) ? doThis : doThat();
//   </script>
// Discussion:
//   The example above could produce `var x = 1/-2/i.test(s)...`
//   in which the first '/' is a mathematical division operator or it
//   could produce `/-2/i.test(s)` in which the first '/' starts a
//   regexp literal.
//   Look for missing semicolons inside branches, and maybe add
//   parentheses to make it clear which interpretation you intend.
const ErrSlashAmbig = iota

template.OK

// We define codes for each error that manifests while escaping templates, but
// escaped templates may also fail at runtime.
// 
// Output: "ZgotmplZ"
// Example:
// 
// 	<img src="{{.X}}">
// 	where {{.X}} evaluates to `javascript:...`
// 
// Discussion:
// 
// 	"ZgotmplZ" is a special value that indicates that unsafe content reached a
// 	CSS or URL context at runtime. The output of the example will be
// 	  <img src="#ZgotmplZ">
// 	If the data comes from a trusted source, use content types to exempt it
// 	from filtering: URL(`javascript:...`).
// OK indicates the lack of an error.
const OK = iota

template.HTMLEscape

// HTMLEscape writes to w the escaped HTML equivalent of the plain text data b.
func HTMLEscape(w io.Writer, b []byte)

template.HTMLEscapeString

// HTMLEscapeString returns the escaped HTML equivalent of the plain text data s.
func HTMLEscapeString(s string) string

template.HTMLEscaper

// HTMLEscaper returns the escaped HTML equivalent of the textual
// representation of its arguments.
func HTMLEscaper(args ...any) string

template.IsTrue

// IsTrue reports whether the value is 'true', in the sense of not the zero of its type,
// and whether the value has a meaningful truth value. This is the definition of
// truth used by if and other such actions.
func IsTrue(val any) (truth bool, ok bool)

template.JSEscape

// JSEscape writes to w the escaped JavaScript equivalent of the plain text data b.
func JSEscape(w io.Writer, b []byte)

template.JSEscapeString

// JSEscapeString returns the escaped JavaScript equivalent of the plain text data s.
func JSEscapeString(s string) string

template.JSEscaper

// JSEscaper returns the escaped JavaScript equivalent of the textual
// representation of its arguments.
func JSEscaper(args ...any) string

template.Must

// Must is a helper that wraps a call to a function returning (*Template, error)
// and panics if the error is non-nil. It is intended for use in variable initializations
// such as
// 
// 	var t = template.Must(template.New("name").Parse("html"))
func Must(t *Template, err error) *Template

template.New

// New allocates a new HTML template with the given name.
func New(name string) *Template

template.ParseFS

// ParseFS is like ParseFiles or ParseGlob but reads from the file system fs
// instead of the host operating system's file system.
// It accepts a list of glob patterns.
// (Note that most file names serve as glob patterns matching only themselves.)
func ParseFS(fs fs.FS, patterns ...string) (*Template, error)

template.ParseFiles

// ParseFiles creates a new Template and parses the template definitions from
// the named files. The returned template's name will have the (base) name and
// (parsed) contents of the first file. There must be at least one file.
// If an error occurs, parsing stops and the returned *Template is nil.
// 
// When parsing multiple files with the same name in different directories,
// the last one mentioned will be the one that results.
// For instance, ParseFiles("a/foo", "b/foo") stores "b/foo" as the template
// named "foo", while "a/foo" is unavailable.
func ParseFiles(filenames ...string) (*Template, error)

template.ParseGlob

// ParseGlob creates a new Template and parses the template definitions from
// the files identified by the pattern. The files are matched according to the
// semantics of filepath.Match, and the pattern must match at least one file.
// The returned template will have the (base) name and (parsed) contents of the
// first file matched by the pattern. ParseGlob is equivalent to calling
// ParseFiles with the list of files matched by the pattern.
// 
// When parsing multiple files with the same name in different directories,
// the last one mentioned will be the one that results.
func ParseGlob(pattern string) (*Template, error)

template.URLQueryEscaper

// URLQueryEscaper returns the escaped value of the textual representation of
// its arguments in a form suitable for embedding in a URL query.
func URLQueryEscaper(args ...any) string