From fce73262f2137644009e05f7b639c42a2a4e44e7 Mon Sep 17 00:00:00 2001 From: "mozilla%colinogilvie.co.uk" <> Date: Wed, 29 Jun 2005 22:17:39 +0000 Subject: Docs fixes for Bug 298827: builtin or built-in and Bug 298832: ie (sp) Patch by Frank Wein , r=me --- docs/xml/customization.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/xml/customization.xml') diff --git a/docs/xml/customization.xml b/docs/xml/customization.xml index 1eef16673..49b73319e 100644 --- a/docs/xml/customization.xml +++ b/docs/xml/customization.xml @@ -153,7 +153,7 @@ to properly HTML filter data that has been passed into the template. This means that if the data can possibly contain special HTML characters such as <, and the data was not intended to be HTML, they need to be - converted to entity form, ie &lt;. You use the 'html' filter in the + converted to entity form, i.e. &lt;. You use the 'html' filter in the Template Toolkit to do this. If you forget, you may open up your installation to cross-site scripting attacks. @@ -162,7 +162,7 @@ Also note that Bugzilla adds a few filters of its own, that are not in standard Template Toolkit. In particular, the 'url_quote' filter can convert characters that are illegal or have special meaning in URLs, - such as &, to the encoded form, ie %26. This actually encodes most + such as &, to the encoded form, i.e. %26. This actually encodes most characters (but not the common ones such as letters and numbers and so on), including the HTML-special characters, so there's never a need to HTML filter afterwards. -- cgit v1.2.3-24-g4f1b