Help with unsafe content at runtime

support
1

Hello,

I am new to Hugo, I use the Hyde theme.

I am trying to insert in my sidebar menu an IRC item :

[[menu.main]]
name = “RSS”
pre = “”
weight = -70
identifier = “rss”
url = “https://abordes.ynh.fr/blog/index.xml”

[[menu.main]]
name = “IRC: Arnob at geeknode”
url = “irc://irc.geeknode.org”

as described in my other post : Link to IRC in menu doesn't work

However, the result in my html files is :

<ul class=“sidebar-nav”> <li><a href=“https://abordes.ynh.fr/blog”>ACCUEIL</a> </li> <li><a href=“/blog/about/”> A PROPOS </a></li><li><a href=“https://abordes.ynh.fr/gallerie/”> PHOTOS </a></li><li><a href=“/blog/tags/”> TAGS </a></li><li><a href=“https://abordes.ynh.fr/blog/index.xml”> RSS </a></li><li><a href=“#ZgotmplZ”> IRC: Arnob at geeknode </a></li> </ul>

As you can see, I have href="#ZgotmplZ instead of the expected irc://irc.geeknode.org …

I understood that I have to add in my templates:

<a href=“{{ .URL }}”> → <a href=“#ZgotmplZ”>
<a {{ printf “href=%q” .URL | safeHTMLAttr }}> → <a href=“irc://irc.geeknode.org”>

But I don’t know where. Thank you for any help.

2

I ask again :slight_smile:

3

Looking at the Hyde theme I think you need to place safeHTML in line 14 of the sidebar.html file that’s in the /themes/hyde/layouts/partials/ folder.

(Here’s a link to the file on GitHub.)

1 Like
4

I’m on my phone right now but in your template where you call the menu try inserting a condition:

<a href=“{{ if eq .Name “IRC: Arnob at geeknode” }}{{ .URL | safeHTML }}{{ else }}{{ .URL }}{{ end }}”>{{ .Name }}</a>

If the above doesn’t work then try using safeHTMLAttr

P.S. Also note that the forum software converts double quotes into smart quotes and if you simply copy-paste the above it will not work.

1 Like
5

Learn about lookup order.

If you copy /themes/hyde/layouts/partials/sidebar.html or any other theme file, you can place it in the equivalent place in your project, and hugo will use that instead. So, copy that file to /layouts/partials/sidebar.html and edit that.

1 Like
6

Thank you all for your replies. I took the easy way, adding in my sidebar.html :

<p class="lead">
      {{ with .Site.Params.description }} {{.}} {{ else }}Je suis aussi sur twitter <a href="http://twitter.coxxxxxx">@arxxxxx</a> et <a href="httxxxxxxxxxxxxxx">wechat</a>. On peut m'écrire à arnauld@xxxxxxxx{{end}} ou sur l'IRC : <a href="ircs://irc.geeknode.org">Arnob</a> at Geeknode.</p>