From 4037223d0f12c44ecd6f369ccbabcbd279a1bdbc Mon Sep 17 00:00:00 2001 From: AP Jama Date: Thu, 1 Jun 2023 10:23:53 +0000 Subject: [PATCH] Fixed #34595 -- Doc'd that format_string arg of format_html() is not escaped. --- docs/ref/utils.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt index f666fdc05f..e37e59ddf2 100644 --- a/docs/ref/utils.txt +++ b/docs/ref/utils.txt @@ -612,8 +612,10 @@ escaping HTML. .. function:: format_html(format_string, *args, **kwargs) This is similar to :meth:`str.format`, except that it is appropriate for - building up HTML fragments. All args and kwargs are passed through + building up HTML fragments. The first argument ``format_string`` is not + escaped but all other args and kwargs are passed through :func:`conditional_escape` before being passed to ``str.format()``. + Finally, the output has :func:`~django.utils.safestring.mark_safe` applied. For the case of building up small HTML fragments, this function is to be preferred over string interpolation using ``%`` or ``str.format()``
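Review bot: the new sentence in the `docs/ref/utils.txt` hunk states that ``format_string`` is not escaped but stops short of saying what that means for callers, which is the point a reader needs: because the output is then passed through ``mark_safe``, any untrusted data interpolated into ``format_string`` itself (for example via an f-string or ``%`` before the call) reaches the page unescaped, so user-controlled values must always be passed as ``args``/``kwargs``, never baked into the format string. Consider adding one sentence to that effect, or a ``.. warning::`` block, right after "Finally, the output has :func:`~django.utils.safestring.mark_safe` applied." Minor: a comma before "but" in "is not escaped but all other args and kwargs" would read better.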