[2.1.x] Added doc links for django.utils.html.escape().
Backport of 6e78e10549
from master
This commit is contained in:
parent
223ba7fa57
commit
430b8254a7
|
@ -422,7 +422,7 @@ subclass::
|
||||||
Note that this value is *not* HTML-escaped when it's displayed in
|
Note that this value is *not* HTML-escaped when it's displayed in
|
||||||
the admin interface. This lets you include HTML if you so desire.
|
the admin interface. This lets you include HTML if you so desire.
|
||||||
Alternatively you can use plain text and
|
Alternatively you can use plain text and
|
||||||
``django.utils.html.escape()`` to escape any HTML special
|
:func:`django.utils.html.escape` to escape any HTML special
|
||||||
characters.
|
characters.
|
||||||
|
|
||||||
.. attribute:: ModelAdmin.filter_horizontal
|
.. attribute:: ModelAdmin.filter_horizontal
|
||||||
|
|
|
@ -270,7 +270,7 @@ desire. For example::
|
||||||
help_text="Please use the following format: <em>YYYY-MM-DD</em>."
|
help_text="Please use the following format: <em>YYYY-MM-DD</em>."
|
||||||
|
|
||||||
Alternatively you can use plain text and
|
Alternatively you can use plain text and
|
||||||
``django.utils.html.escape()`` to escape any HTML special characters. Ensure
|
:func:`django.utils.html.escape` to escape any HTML special characters. Ensure
|
||||||
that you escape any help text that may come from untrusted users to avoid a
|
that you escape any help text that may come from untrusted users to avoid a
|
||||||
cross-site scripting attack.
|
cross-site scripting attack.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue