1
0
mirror of https://github.com/django/django.git synced 2025-10-26 23:26:08 +00:00

[2.1.x] Refs #17419 -- Removed IE8 support in json_script example.

Backport of 02cd16a7a0 from master
This commit is contained in:
Tim Graham
2018-06-22 09:36:17 -04:00
parent c1c1ac2044
commit d5482dfe20

View File

@@ -1814,8 +1814,7 @@ The resulting data can be accessed in JavaScript like this:
.. code-block:: javascript .. code-block:: javascript
var el = document.getElementById('hello-data'); var value = JSON.parse(document.getElementById('hello-data').textContent);
var value = JSON.parse(el.textContent || el.innerText);
XSS attacks are mitigated by escaping the characters "<", ">" and "&". For XSS attacks are mitigated by escaping the characters "<", ">" and "&". For
example if ``value`` is ``{'hello': 'world</script>&amp;'}``, the output is: example if ``value`` is ``{'hello': 'world</script>&amp;'}``, the output is: