Changes between Version 134 and Version 135 of BackwardsIncompatibleChanges
- Timestamp:
- Nov 14, 2007, 7:52:38 AM (17 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BackwardsIncompatibleChanges
v134 v135 430 430 == Auto-escaping in templates == 431 431 432 In [ XXXX] a long-awaited feature was committed to make default HTML template usage a bit safe from some forms of cross-site scripting attacks. For full details, read the [http://www.djangoproject.com/documentation/templates/#automatic-html-escaping template author documentation] and the [http://www.djangoproject.com/documentation/templates_python/#filters-and-auto-escaping template filter documentation].432 In [6671] a long-awaited feature was committed to make default HTML template usage a bit safe from some forms of cross-site scripting attacks. For full details, read the [http://www.djangoproject.com/documentation/templates/#automatic-html-escaping template author documentation] and the [http://www.djangoproject.com/documentation/templates_python/#filters-and-auto-escaping template filter documentation]. 433 433 434 434 Automatic HTML escaping (henceforth ''auto-escaping'') affects any variables in templates. It is only applied to variables and not to template tags.