First < is getting escaped in RSS .Content

what you were doing or what you tried
I’m trying to include the full content from a Markdown file inside <content:encoded><![CDATA[ tag for RSS. I’ve tried this:

{{ "<content:encoded><![CDATA[" | safeHTML }}{{ .Content | safeHTML }}{{"]]></content:encoded>" | safeHTML}}

what you expected
I expected the .Content to render as HTML within the <content:encoded><![CDATA[ brackets.

what actually happened
<![CDATA[ is removed, and the first < of each HTML tag is escaped:

<content:encoded>&lt;div>Test div&lt;/div>
&lt;p>Test p&lt;/p></content:encoded>

My Hugo details:
Hugo Static Site Generator v0.80.0/extended darwin/amd64 BuildDate: unknown
GOOS=“darwin”
GOARCH=“amd64”
GOVERSION=“go1.15.6”

[markup]
  defaultMarkdownHandler = "goldmark"
  [markup.goldmark]
    [markup.goldmark.renderer]
      unsafe = true

Thanks so much for any light you can shed on what I’m doing wrong.

Basically you are trying to encode Content in RSS 1.0.

RSS 1.0 is a RDF Site Summary
RSS 2.0 is a dialect of XML

The internal Hugo RSS Template uses RSS 2.0.

Hugo uses Go template packages (text, HTML, XML) that automatically secure output.

You will have to do any escaping yourself in your RSS 1.0 template.

The internal template -in the above link- uses such escaping:

{{ printf "<?xml version=\"1.0\" encoding=\"utf-8\" standalone=\"yes\"?>" | safeHTML }}

You will most likely need to use some or all of the following functions:
printf, safeHTML, safeHTMLAttr

1 Like

Thank you! You pointed me in the right direction! Here is what I landed on:

<content:encoded>
  {{ printf "<![CDATA[" | safeHTML }}
    {{- printf "%s" .Content | safeHTML }}
  {{- printf "]]>" | safeHTML }}
</content:encoded>

Thank you!

Instead of calling printf 3 times, which is completely unnecessary, use the following construct:

<content:encoded>{{ printf "<![CDATA[%s]]" .Content | safeHTML }}</content:encoded>

The verb %s prints the uninterpreted bytes of the string or slice ) (in this case .Content) and whatever is entered before or after the verb will wrap its output.

More on the printing verbs can be found at the doc for: fmt - The Go Programming Language

1 Like

Thanks again! That worked (with one little change):

<content:encoded>{{ printf "<![CDATA[%s]]>" .Content | safeHTML }}</content:encoded>

I truly appreciate your help!

1 Like

Welp, I had it working yesterday. I must have jacked something up along the way. I’m back to the same results.

<content:encoded>{{ printf "<![CDATA[%s]]>" .Content | safeHTML }}</content:encoded>

That results in:

content:encoded>&lt;p class="lead">Test title here!&lt;/p></content:encoded>

Removes the <![CDATA[ and first < from .Content

Try placing everything within the funtion:
{{ printf "<content:encoded><![CDATA[%s]]></content:encoded>" .Content | safeHTML }}

Thanks for the suggestion. I tried that as well, and it produces the same results. So close… :crying_cat_face: Here is the entire file:

I think I’ve found the issue. Before sending my site to my host, I run hugo --gc --minify -d public - and I believe the --minify is stripping out the bits I need for XML.

Is there a way to minify everything except XML?

Sorry for the noise. I found this:

Everything works as expected…:sweat_smile:

This topic was automatically closed after 8 hours. New replies are no longer allowed.