如何預防Golang XSS 攻擊

package main

import (
    "fmt"
    "html"
)

func main() {
    str1 := "<script>alert(2)</script>"

    str2 := html.EscapeString(str1)
    fmt.Println(str2)
    str3 := html.UnescapeString(str2)
    fmt.Println(str3)
}

// 輸出
<script>alert(2)</script>
<script>alert(2)</script>