From 6e78e1054933c36a2e0fdf998db780c88bdef4a9 Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Wed, 18 Jul 2018 17:32:27 +0200 Subject: [PATCH] Added doc links for django.utils.html.escape(). --- docs/ref/contrib/admin/index.txt | 2 +- docs/ref/models/fields.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/ref/contrib/admin/index.txt b/docs/ref/contrib/admin/index.txt index d2911456db..a18f5682f0 100644 --- a/docs/ref/contrib/admin/index.txt +++ b/docs/ref/contrib/admin/index.txt @@ -422,7 +422,7 @@ subclass:: Note that this value is *not* HTML-escaped when it's displayed in the admin interface. This lets you include HTML if you so desire. Alternatively you can use plain text and - ``django.utils.html.escape()`` to escape any HTML special + :func:`django.utils.html.escape` to escape any HTML special characters. .. attribute:: ModelAdmin.filter_horizontal diff --git a/docs/ref/models/fields.txt b/docs/ref/models/fields.txt index 210619881c..94e299846d 100644 --- a/docs/ref/models/fields.txt +++ b/docs/ref/models/fields.txt @@ -270,7 +270,7 @@ desire. For example:: help_text="Please use the following format: YYYY-MM-DD." Alternatively you can use plain text and -``django.utils.html.escape()`` to escape any HTML special characters. Ensure +:func:`django.utils.html.escape` to escape any HTML special characters. Ensure that you escape any help text that may come from untrusted users to avoid a cross-site scripting attack.