html/template: escape JS in application/json script tag
Since ffd1c781 HTML templates check MIME type in the "type" attribute of "script" tag to decide if contents should be escaped as JavaScript. The whitelist of MIME types did not include application/json. Include it in this CL. Fixes #18159 Change-Id: I17a8a38f2b7789b4b7e941d14279de222eaf2b6a Reviewed-on: https://go-review.googlesource.com/33899Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
Showing
Please register or sign in to comment