id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
19577	admin doc may encourage bad practices	foo@…	nobody	"On https://docs.djangoproject.com/en/1.4/ref/contrib/admin/ two places example code demonstrate allow_tags=True in order to return HTML fragments containing <span> tags.  Inside these tags data (self.first_name and self.last_name) is not escaped/quoted.

As such example code often is copy/pasted it probably should reflect ""best practices""?
"	Bug	closed	Documentation	1.4	Normal	fixed		Florian Apolloner	Ready for checkin	1	0	0	0	0	0