diff --git a/docs/templates.txt b/docs/templates.txt
index ea9f3fb..6eba6df 100644
|
a
|
b
|
To avoid this problem, you have two options:
|
| 346 | 346 | |
| 347 | 347 | * One, you can make sure to run each untrusted variable through the |
| 348 | 348 | ``escape`` filter (documented below), which converts potentially harmful |
| 349 | | HTML characters to unharmful ones. This was default the default solution |
| 350 | | in Django for its first few years, but the problem is that it puts the |
| | 349 | HTML characters to unharmful ones. This was the default solution in |
| | 350 | Django for its first few years, but the problem is that it puts the |
| 351 | 351 | onus on *you*, the developer / template author, to ensure you're escaping |
| 352 | 352 | everything. It's easy to forget to escape data. |
| 353 | 353 | |