diff options
author | Andrey Andreev <narf@devilix.net> | 2015-01-05 20:02:52 +0100 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2015-01-05 20:02:52 +0100 |
commit | 2b5682d4f39f7d16ce47e2f45ea19ffab615cc60 (patch) | |
tree | 2a8f237f9824d3eebf5f54f1619da8859c24b93e | |
parent | 358b088aa9f288593f2af5af43e1b7d0028a2c8c (diff) |
[ci skip] Fix improper wording in upgrade notes
-rw-r--r-- | user_guide_src/source/installation/upgrade_300.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index a95125666..c84d16b31 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -247,7 +247,7 @@ A largely unknown rule about XSS cleaning is that it should *only be applied to output*, as opposed to input data. We've made that mistake ourselves with our automatic and global XSS cleaning -feature (see step 13 above), so now in an effort to discourage that +feature (see previous step about XSS above), so now in an effort to discourage that practice, we're also removing 'xss_clean' from the officially supported list of :doc:`form validation <../libraries/form_validation>` rules. |