mirror of
https://github.com/django/django.git
synced 2025-10-24 14:16:09 +00:00
Added doc links for django.utils.html.escape().
This commit is contained in:
@@ -422,7 +422,7 @@ subclass::
|
|||||||
Note that this value is *not* HTML-escaped when it's displayed in
|
Note that this value is *not* HTML-escaped when it's displayed in
|
||||||
the admin interface. This lets you include HTML if you so desire.
|
the admin interface. This lets you include HTML if you so desire.
|
||||||
Alternatively you can use plain text and
|
Alternatively you can use plain text and
|
||||||
``django.utils.html.escape()`` to escape any HTML special
|
:func:`django.utils.html.escape` to escape any HTML special
|
||||||
characters.
|
characters.
|
||||||
|
|
||||||
.. attribute:: ModelAdmin.filter_horizontal
|
.. attribute:: ModelAdmin.filter_horizontal
|
||||||
|
@@ -270,7 +270,7 @@ desire. For example::
|
|||||||
help_text="Please use the following format: <em>YYYY-MM-DD</em>."
|
help_text="Please use the following format: <em>YYYY-MM-DD</em>."
|
||||||
|
|
||||||
Alternatively you can use plain text and
|
Alternatively you can use plain text and
|
||||||
``django.utils.html.escape()`` to escape any HTML special characters. Ensure
|
:func:`django.utils.html.escape` to escape any HTML special characters. Ensure
|
||||||
that you escape any help text that may come from untrusted users to avoid a
|
that you escape any help text that may come from untrusted users to avoid a
|
||||||
cross-site scripting attack.
|
cross-site scripting attack.
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user