summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorJon Dufresne <jon.dufresne@gmail.com>2019-04-24 04:30:34 -0700
committerCarlton Gibson <carlton.gibson@noumenal.es>2019-04-25 15:09:07 +0200
commit8d76443aba863b75ad3b1392ca7e1d59bad84dc4 (patch)
tree1e550f8ebb06a935bd8a15496d049f54c54eded2 /docs/ref
parent28d5262fa3315690395f04e3619ed554dbaf725b (diff)
Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use html.escape()/unescape().
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/templates/builtins.txt2
-rw-r--r--docs/ref/templates/language.txt2
-rw-r--r--docs/ref/utils.txt5
3 files changed, 7 insertions, 2 deletions
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index 9509377a24..cd5476fd6f 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -1603,7 +1603,7 @@ Escapes a string's HTML. Specifically, it makes these replacements:
* ``<`` is converted to ``&lt;``
* ``>`` is converted to ``&gt;``
-* ``'`` (single quote) is converted to ``&#39;``
+* ``'`` (single quote) is converted to ``&#x27;``
* ``"`` (double quote) is converted to ``&quot;``
* ``&`` is converted to ``&amp;``
diff --git a/docs/ref/templates/language.txt b/docs/ref/templates/language.txt
index 1287f012c2..33687fc49d 100644
--- a/docs/ref/templates/language.txt
+++ b/docs/ref/templates/language.txt
@@ -492,7 +492,7 @@ escaped:
* ``<`` is converted to ``&lt;``
* ``>`` is converted to ``&gt;``
-* ``'`` (single quote) is converted to ``&#39;``
+* ``'`` (single quote) is converted to ``&#x27;``
* ``"`` (double quote) is converted to ``&quot;``
* ``&`` is converted to ``&amp;``
diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt
index 5f03dc66e4..b36282048f 100644
--- a/docs/ref/utils.txt
+++ b/docs/ref/utils.txt
@@ -584,6 +584,11 @@ escaping HTML.
for use in HTML. The input is first coerced to a string and the output has
:func:`~django.utils.safestring.mark_safe` applied.
+ .. versionchanged:: 3.0
+
+ In older versions, ``'`` is converted to its decimal code ``&#39;``
+ instead of the equivalent hex code ``&#x27;``.
+
.. function:: conditional_escape(text)
Similar to ``escape()``, except that it doesn't operate on pre-escaped