Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use html.escape()/unescape().

2025-11-07 07:15:35 +00:00 · 2019-04-24 04:30:34 -07:00
parent 28d5262fa3
commit 8d76443aba
20 changed files with 57 additions and 59 deletions
--- a/docs/releases/3.0.txt
+++ b/docs/releases/3.0.txt
@@ -348,6 +348,10 @@ Miscellaneous
  the session and :func:`django.contrib.auth.logout` no longer preserves the
  session's language after logout.

+* :func:`django.utils.html.escape` now uses :func:`html.escape` to escape HTML.
+  This converts ``'`` to ``&#x27;`` instead of the previous equivalent decimal
+  code ``&#39;``.
+
 .. _deprecated-features-3.0:

 Features deprecated in 3.0