diff options
Diffstat (limited to 'docs/xml/customization.xml')
| -rw-r--r-- | docs/xml/customization.xml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/xml/customization.xml b/docs/xml/customization.xml index 1eef16673..49b73319e 100644 --- a/docs/xml/customization.xml +++ b/docs/xml/customization.xml @@ -153,7 +153,7 @@ to properly HTML filter data that has been passed into the template. This means that if the data can possibly contain special HTML characters such as <, and the data was not intended to be HTML, they need to be - converted to entity form, ie &lt;. You use the 'html' filter in the + converted to entity form, i.e. &lt;. You use the 'html' filter in the Template Toolkit to do this. If you forget, you may open up your installation to cross-site scripting attacks. </para> @@ -162,7 +162,7 @@ Also note that Bugzilla adds a few filters of its own, that are not in standard Template Toolkit. In particular, the 'url_quote' filter can convert characters that are illegal or have special meaning in URLs, - such as &, to the encoded form, ie %26. This actually encodes most + such as &, to the encoded form, i.e. %26. This actually encodes most characters (but not the common ones such as letters and numbers and so on), including the HTML-special characters, so there's never a need to HTML filter afterwards. |