Changes between Initial Version and Version 1 of Ticket #17837, comment 4
- Timestamp: Mar 13, 2012, 12:47:55 AM (13 years ago)
Ticket #17837, comment 4
| initial | v1 | |
|---|---|---|
| 1 | 1 | At least the Django doc warns the users about that in https://docs.djangoproject.com/en/dev/ref/contrib/markup/: |
| 2 | 2 | |
| 3 | | Warning |
| | 3 | '''Warning''' |
| 4 | 4 | The output of markup filters is marked “safe” and will not be escaped when rendered in a template. Always be careful to sanitize your inputs and make sure you are not leaving yourself vulnerable to cross-site scripting or other types of attacks. |
| 5 | 5 | |