ginger- An implementation of the Jinja2 template language in Haskell

Safe HaskellNone



A HTML type, useful for implementing type-safe conversion between plain text and HTML. The HTML representation used here assumed Unicode throughout, and UTF-8 should be used as the encoding when sending Html objects as responses to a HTTP client.



data Html Source #

A chunk of HTML source.


Eq Html Source # 


(==) :: Html -> Html -> Bool #

(/=) :: Html -> Html -> Bool #

Ord Html Source # 


compare :: Html -> Html -> Ordering #

(<) :: Html -> Html -> Bool #

(<=) :: Html -> Html -> Bool #

(>) :: Html -> Html -> Bool #

(>=) :: Html -> Html -> Bool #

max :: Html -> Html -> Html #

min :: Html -> Html -> Html #

Show Html Source # 


showsPrec :: Int -> Html -> ShowS #

show :: Html -> String #

showList :: [Html] -> ShowS #

Monoid Html Source # 


mempty :: Html #

mappend :: Html -> Html -> Html #

mconcat :: [Html] -> Html #

ToHtml Html Source #

Html itself is a trivial instance


toHtml :: Html -> Html Source #

ToGVal m Html Source #

This instance is slightly wrong; the asBoolean, asNumber, and asText methods all treat the HTML source as plain text. We do this to avoid parsing the HTML back into a Text (and dealing with possible parser errors); the reason this instance exists at all is that we still want to be able to pass pre-rendered HTML around sometimes, and as long as we don't call any numeric or string functions on it, everything is fine. When such HTML values accidentally do get used as strings, the HTML source will bleed into the visible text, but at least this will not introduce an XSS vulnerability.

It is therefore recommended to avoid passing Html values into templates, and also to avoid calling any string functions on Html values inside templates (e.g. capturing macro output and then passing it through a textual filter).


toGVal :: Html -> GVal m Source #

unsafeRawHtml :: Text -> Html Source #

Convert a chunk of HTML source code into an Html value as-is. Note that this bypasses any and all HTML encoding; the caller is responsible for taking appropriate measures against XSS and other potential vulnerabilities. In other words, the input to this function is considered pre-sanitized.

html :: Text -> Html Source #

Safely convert plain text to HTML.

htmlSource :: Html -> Text Source #

Extract HTML source code from an Html value.

class ToHtml s where Source #

Types that support conversion to HTML.

Minimal complete definition



toHtml :: s -> Html Source #


ToHtml Text Source #

Text is automatically HTML-encoded


toHtml :: Text -> Html Source #

ToHtml Html Source #

Html itself is a trivial instance


toHtml :: Html -> Html Source #

ToHtml [Char] Source #

String is automatically HTML-encoded and converted to Text


toHtml :: [Char] -> Html Source #

ToHtml (GVal m) Source #

Converting to HTML hooks into the ToHtml instance for Text for most tags. Tags that have no obvious textual representation render as empty HTML.


toHtml :: GVal m -> Html Source #