"transform.XMLEscape | safeHTML" seems incomplete

I’ve recently moved to using hugo, and loving it, but I just went to switch my RSS feed from only summaries to providing full content, and suddenly had validation errors.

It seems like the template result of {{ .Content | transform.XMLEscape | safeHTML }} includes the > characters, as well as \n — although the documentation for transform.XMLEscape says they should be replaced. And of course, if I remove safeHTML, then there’s double-escaping.

Just for fun I tried transform.HTMLEscape instead, and it still leaves in the > characters.

Could this be a bug in XMLEscape & HTMLEscape? Or is there something I should check in my config, content, or RSS template?

Happy to share code, but not sure where to start. The current RSS feed is live on my site … and it’s “valid” but with warnings, relating to the included characters. Oddly, the .Summary version of the feed (without full content) still has the > characters, but the validator throws no warnings.

I’m using hugo v0.125.5-c8b9f9f81c375f5b391e61bae711ee63fc76c1fd+extended linux/amd64 BuildDate=2024-05-01T15:22:11Z VendorInfo=gohugoio and I tried going back as early as 0.123.0 with the same results.

Well, nevermind, I figured out my problem. Building with --minify and allowing it to minify XML causes the problem. I’ll just need to disable minification for XML.

I think there is a problem with the embedded RSS template. The last time I updated the template I suspect I tested with an automatic summary, not a manual summary or summary as defined in front matter. The summary definitions are a bit of a mess.

To handle all cases I’m wondering if it would be best just to use a CDATA element, e.g.,

<description>{{ printf "<![CDATA[%s]]>" .Summary | safeHTML }}</description>


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.