mirror of
https://github.com/django/django.git
synced 2024-12-23 01:25:58 +00:00
Fixed #7470 -- Corrected typo in template docs. Thanks to cbmeeks@gmail.com for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
8a861942cd
commit
e4fc327890
@ -346,7 +346,7 @@ To avoid this problem, you have two options:
|
||||
|
||||
* One, you can make sure to run each untrusted variable through the
|
||||
``escape`` filter (documented below), which converts potentially harmful
|
||||
HTML characters to unharmful ones. This was default the default solution
|
||||
HTML characters to unharmful ones. This was the default solution
|
||||
in Django for its first few years, but the problem is that it puts the
|
||||
onus on *you*, the developer / template author, to ensure you're escaping
|
||||
everything. It's easy to forget to escape data.
|
||||
|
Loading…
Reference in New Issue
Block a user