mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-26 12:09:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

[1.4.x] Added more explicit warnings about unconfigured reStructured Text usage in docs.

Browse source 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17915 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Backport of 718f149b from master
This commit is contained in:
Luke Plant 2012-04-19 15:00:55 +00:00
parent 45d43317b7
commit ff6ee5f06c
2 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docs/topics/security.txt
View file

@ -48,6 +48,14 @@ escaping.
You should also be very careful when storing HTML in the database, especially
when that HTML is retrieved and displayed.
Markup library
--------------
If you use :mod:`django.contrib.markup`, you need to ensure that the filters are
only used on trusted input, or that you have correctly configured them to ensure
they do not allow raw HTML output. See the documentation of that module for more
information.
Cross site request forgery (CSRF) protection
============================================