1
0
mirror of https://github.com/django/django.git synced 2025-10-24 14:16:09 +00:00

Fixed #26206 -- Fixed docs comments causing empty code blocks.

This commit is contained in:
Tim Graham
2016-02-11 07:58:15 -05:00
parent 58f8150805
commit f2b45ddd99
2 changed files with 4 additions and 2 deletions

View File

@@ -1244,7 +1244,6 @@ The view is hooked up to your application and configured in the same fashion as
The response format is as follows: The response format is as follows:
.. code-block:: text .. code-block:: text
.. JSON doesn't allow comments so highlighting as JSON won't work here.
{ {
"catalog": { "catalog": {
@@ -1256,6 +1255,8 @@ The response format is as follows:
"plural": "..." # Expression for plural forms, or null. "plural": "..." # Expression for plural forms, or null.
} }
.. JSON doesn't allow comments so highlighting as JSON won't work here.
Note on performance Note on performance
------------------- -------------------

View File

@@ -30,10 +30,11 @@ malicious input, it is not entirely foolproof. For example, it will not
protect the following: protect the following:
.. code-block:: text .. code-block:: text
.. highlighting as html+django fails due to intentionally missing quotes.
<style class={{ var }}>...</style> <style class={{ var }}>...</style>
.. highlighting as html+django fails due to intentionally missing quotes.
If ``var`` is set to ``'class1 onmouseover=javascript:func()'``, this can result If ``var`` is set to ``'class1 onmouseover=javascript:func()'``, this can result
in unauthorized JavaScript execution, depending on how the browser renders in unauthorized JavaScript execution, depending on how the browser renders
imperfect HTML. (Quoting the attribute value would fix this case.) imperfect HTML. (Quoting the attribute value would fix this case.)