Punctuation characters converted in shortcode

I’ve created a shortcode for embedding an iframe that in brief looks like this:

<iframe src='https://onedrive.live.com/embed?{{ .Get "link" }}'> </iframe>

I call the shortcode in my page like so:

{{< onedrive link="cid=ABCDEFG&resid=HIJK%LMNO&authkey=QRSTUV&em=2" > }}

The code has punctuation (&, =, %) that is being converted in the resulting HTML, so the URL is now:

<iframe src='https://ondrive.live.com/embed?cid%3dABCDEFG%26resid%3dHIJK%25LMNO%26authkey%3dQRSTUV%26em%3d2'></iframe>

I tried using {{ .Get "link" | safeHTML }}, but that didn’t change anything (besides, these don’t look like HTML conversions. Are they UTF?). Is there another function I can pipe the string to so that it will give me the raw text instead?

How do I pass this string to the shortcode and have it rendered without the character conversions?

FYI, I’m on Hugo v0.65.3 on Windows using the ReFresh template.



Have you also tried safeHTMLAttr?

Yep, tried that one too.

I finally found the safeURL option, which seems to be the trick.

<iframe src='https://onedrive.live.com/embed?{{ .Get "link" | safeURL }}'> </iframe>

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.